CVE-2015-1816
foreman: lack of SSL certificate validation when performing LDAPS authentication
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Forman before 1.7.4 does not verify SSL certificates for LDAP connections, which allows man-in-the-middle attackers to spoof LDAP servers via a crafted certificate.
Vulnerabilidad en Foreman en versiones anteriores a 1.7.4, no verifica certificados SSL para conexiones LDAP, lo que permite a atacantes man-in-the-middle suplantar servidores LDAP a través de un certificado manipulado.
It was found that when making an SSL connection to an LDAP authentication source in Foreman, the remote server certificate was accepted without any verification against known certificate authorities, potentially making TLS connections vulnerable to man-in-the-middle attacks.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-02-17 CVE Reserved
- 2015-08-12 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-295: Improper Certificate Validation
- CWE-310: Cryptographic Issues
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| https://github.com/theforeman/foreman/pull/2265 | X_refsource_confirm | |
| https://groups.google.com/forum/#%21topic/foreman-announce/9ZnuPcplNLI | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://projects.theforeman.org/issues/9858 | 2023-11-07 | |
| https://access.redhat.com/errata/RHSA-2015:1591 | 2023-11-07 | |
| https://access.redhat.com/errata/RHSA-2015:1592 | 2023-11-07 | |
| https://access.redhat.com/security/cve/CVE-2015-1816 | 2015-08-12 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1208602 | 2015-08-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Theforeman Search vendor "Theforeman" | Foreman Search vendor "Theforeman" for product "Foreman" | <= 1.7.3 Search vendor "Theforeman" for product "Foreman" and version " <= 1.7.3" | - |
Affected
| ||||||