CVE-2019-3893

foreman: Recover of plaintext password or token for the compute resources

Severity Score

4.9

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resource. A malicious user with the "delete_compute_resource" permission can use this flaw to take control over compute resources managed by foreman. Versions before 1.20.3, 1.21.1, 1.22.0 are vulnerable.

En Foreman se descubrió que la operación de eliminar recursos de cálculo, cuando se ejecuta desde la API de Foreman, conduce a la revelación de la contraseña de texto plano o token para el recurso de cálculo afectado. Un usuario malicioso con el permiso "delete_compute_resource" puede utilizar este fallo para tomar el control de los recursos de cálculo gestionados por Foreman. Las versiones anteriores a 1.20.3, 1.21.1, 1.22.0 son vulnerables.

It was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resource. A malicious user with the "delete_compute_resource" permission can use this flaw to take control over compute resources managed by foreman.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2019-01-03 CVE Reserved
2019-04-09 CVE Published
2024-08-04 CVE Updated
2024-08-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-732: Incorrect Permission Assignment for Critical Resource

CAPEC

References (7)

URL	Tag	Source
http://www.openwall.com/lists/oss-security/2019/04/14/2	Mailing List
http://www.securityfocus.com/bid/107846	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3893	Issue Tracking
https://github.com/theforeman/foreman/pull/6621	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://projects.theforeman.org/issues/26450	2022-11-30
https://access.redhat.com/security/cve/CVE-2019-3893	2019-10-22
https://bugzilla.redhat.com/show_bug.cgi?id=1696400	2019-10-22

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Theforeman Search vendor "Theforeman"		Foreman Search vendor "Theforeman" for product "Foreman"				>= 1.20.0 < 1.20.3 Search vendor "Theforeman" for product "Foreman" and version " >= 1.20.0 < 1.20.3"		-		Affected
Theforeman Search vendor "Theforeman"		Foreman Search vendor "Theforeman" for product "Foreman"				>= 1.21.0 < 1.21.1 Search vendor "Theforeman" for product "Foreman" and version " >= 1.21.0 < 1.21.1"		-		Affected
Redhat Search vendor "Redhat"		Satellite Search vendor "Redhat" for product "Satellite"				6.0 Search vendor "Redhat" for product "Satellite" and version "6.0"		-		Affected