CVSS: 10.0EPSS: 3%CPEs: 6EXPL: 1CVE-2014-0007 – Foreman Smart-Proxy - Remote Command Injection
https://notcve.org/view.php?id=CVE-2014-0007
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file. Smart-Proxy en Foreman anterior a 1.4.5 y 1.5.x anterior a 1.5.1 permite a atacantes remotos ejecutar comandos arbitrarios a través de metacaracteres de shell en el parámetro path en tftp/fetch_boot_file. • https://www.exploit-db.com/exploits/39222 http://projects.theforeman.org/issues/6086 http://rhn.redhat.com/errata/RHSA-2014-0770.html https://access.redhat.com/security/cve/CVE-2014-0007 https://bugzilla.redhat.com/show_bug.cgi?id=1105369 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-0090
https://notcve.org/view.php?id=CVE-2014-0090
Session fixation vulnerability in Foreman before 1.4.2 allows remote attackers to hijack web sessions via the session id cookie. Vulnerabilidad de fijación de sesión en Foreman anterior a 1.4.2 permite a atacantes remotos secuestrar sesiones web a través de la cookie session id. • http://projects.theforeman.org/issues/4457 http://theforeman.org/security.html https://bugzilla.redhat.com/show_bug.cgi?id=1072151 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2013-4386 – Foreman: host and host group parameter SQL injection
https://notcve.org/view.php?id=CVE-2013-4386
Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter. Múltiples vulnerabilidades de inyección SQL en app/models/concerns/host_common.rb de Foreman anterior a la versión 1.2.3 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de (1) fqdn o (2) parámetro hostgroup. • http://projects.theforeman.org/issues/3160 http://rhn.redhat.com/errata/RHSA-2013-1522.html https://groups.google.com/forum/#%21topic/foreman-announce/GKMNXM66Z84 https://access.redhat.com/security/cve/CVE-2013-4386 https://bugzilla.redhat.com/show_bug.cgi?id=1013076 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2013-4180 – Foreman: hosts_controller.rb power/ipmi_boot Symbol creation DoS
https://notcve.org/view.php?id=CVE-2013-4180
The (1) power and (2) ipmi_boot actions in the HostController in Foreman before 1.2.2 allow remote attackers to cause a denial of service (memory consumption) via unspecified input that is converted to a symbol. Las acciones (1) power y (2) ipmi_boot en el HostController de Foreman anterior 1.2.2 permite a atacante remoto causar denegacion de servicio (consumo de memoria) a través de una entrda sin especificar que es convertida a un simbolo • http://projects.theforeman.org/issues/2860 http://rhn.redhat.com/errata/RHSA-2013-1196.html http://theforeman.org/manuals/1.2/index.html#Releasenotesfor1.2.2 https://access.redhat.com/security/cve/CVE-2013-4180 https://bugzilla.redhat.com/show_bug.cgi?id=989755 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2013-4182 – foreman: app/controllers/api/v1/hosts_controller.rb API privilege escalation
https://notcve.org/view.php?id=CVE-2013-4182
app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote attackers to access arbitrary hosts via an API request. app/controllers/api/v1/hosts_controller.rb en Foreman anteriores a v1.2.2 no restringe correctamente el acceso a hosts arbitrarios a través de una petición API. • http://projects.theforeman.org/issues/2863 http://rhn.redhat.com/errata/RHSA-2013-1196.html http://theforeman.org/manuals/1.2/index.html#Releasenotesfor1.2.2 https://bugzilla.redhat.com/show_bug.cgi?id=990374 https://access.redhat.com/security/cve/CVE-2013-4182 • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •