Vulnerabilities (CVE)

Filtered by vendor Theforeman Subscribe
Total 90 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-1844 1 Theforeman 1 Foreman 2024-02-28 4.0 MEDIUM N/A
Foreman before 1.7.5 allows remote authenticated users to bypass organization and location restrictions by connecting through the REST API.
CVE-2015-3235 1 Theforeman 1 Foreman 2024-02-28 6.0 MEDIUM N/A
Foreman before 1.9.0 allows remote authenticated users with the edit_users permission to edit administrator users and change their passwords via unspecified vectors.
CVE-2016-4475 1 Theforeman 1 Foreman 2024-02-28 6.5 MEDIUM 8.8 HIGH
The (1) Organization and (2) Locations APIs and UIs in Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3 allow remote authenticated users to bypass organization and location restrictions and (a) read, (b) edit, or (c) delete arbitrary organizations or locations via unspecified vectors.
CVE-2016-3728 1 Theforeman 1 Foreman 2024-02-28 6.8 MEDIUM 8.8 HIGH
Eval injection vulnerability in tftp_api.rb in the TFTP module in the Smart-Proxy in Foreman before 1.10.4 and 1.11.x before 1.11.2 allows remote attackers to execute arbitrary code via the PXE template type portion of the PATH_INFO to tftp/.
CVE-2014-3653 1 Theforeman 1 Foreman 2024-02-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template.
CVE-2016-2100 1 Theforeman 1 Foreman 2024-02-28 6.5 MEDIUM 5.4 MEDIUM
Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read, modify, or delete private bookmarks by leveraging the (1) edit_bookmarks or (2) destroy_bookmarks permission.
CVE-2015-1816 1 Theforeman 1 Foreman 2024-02-28 5.0 MEDIUM N/A
Forman before 1.7.4 does not verify SSL certificates for LDAP connections, which allows man-in-the-middle attackers to spoof LDAP servers via a crafted certificate.
CVE-2013-0210 1 Theforeman 1 Foreman 2024-02-28 7.5 HIGH N/A
The smart proxy Puppet run API in Foreman before 1.2.0 allows remote attackers to execute arbitrary commands via vectors related to escaping and Puppet commands.
CVE-2013-0174 1 Theforeman 1 Foreman 2024-02-28 5.0 MEDIUM N/A
The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.
CVE-2014-0007 1 Theforeman 1 Foreman 2024-02-28 7.5 HIGH N/A
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file.
CVE-2012-5648 1 Theforeman 1 Foreman 2024-02-28 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in Foreman before 1.0.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) app/models/hostext/search.rb or (2) app/models/puppetclass.rb, related to the search mechanism.
CVE-2014-3492 1 Theforeman 1 Foreman 2024-02-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the host YAML view in Foreman before 1.4.5 and 1.5.x before 1.5.1 allow remote attackers to inject arbitrary web script or HTML via a parameter (1) name or (2) value related to the host.
CVE-2014-0089 1 Theforeman 1 Foreman 2024-02-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in app/views/common/500.html.erb in Foreman 1.4.x before 1.4.2 allows remote authenticated users to inject arbitrary web script or HTML via the bookmark name when adding a bookmark.
CVE-2012-5477 1 Theforeman 1 Foreman 2024-02-28 3.6 LOW N/A
The smart proxy in Foreman before 1.1 uses a umask set to 0, which allows local users to modify files created by the daemon via unspecified vectors.
CVE-2013-0171 1 Theforeman 1 Foreman 2024-02-28 7.5 HIGH N/A
Foreman before 1.1 allows remote attackers to execute arbitrary code via a crafted YAML object to the (1) fact or (2) report import API.
CVE-2014-4507 1 Theforeman 1 Foreman 2024-02-28 6.4 MEDIUM N/A
Directory traversal vulnerability in Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the dst parameter to tftp/fetch_boot_file.
CVE-2014-0192 1 Theforeman 1 Foreman 2024-02-28 5.0 MEDIUM N/A
Foreman 1.4.0 before 1.5.0 does not properly restrict access to provisioning template previews, which allows remote attackers to obtain sensitive information via the hostname parameter, related to "spoof."
CVE-2013-0187 1 Theforeman 1 Foreman 2024-02-28 6.5 MEDIUM N/A
Foreman before 1.1 allows remote authenticated users to gain privileges via a (1) XMLHttpRequest or (2) AJAX request.
CVE-2013-2143 2 Redhat, Theforeman 2 Network Satellite, Katello 2024-02-28 6.5 MEDIUM N/A
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account.
CVE-2014-3691 2 Redhat, Theforeman 2 Openstack, Foreman 2024-02-28 7.5 HIGH N/A
Smart Proxy (aka Smart-Proxy and foreman-proxy) in Foreman before 1.5.4 and 1.6.x before 1.6.2 does not validate SSL certificates, which allows remote attackers to bypass intended authentication and execute arbitrary API requests via a request without a certificate.