CVE-2013-0174 β€” Sensitive Information Exposure in Foreman

CWE-200 β€” Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.4%
top 39.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Theforeman Foreman
Timeline
PublishedMay 8
Latest updateMay 5

Description

The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

β–ΆNVDtheforeman/foreman1.0

πŸ”΄Vulnerability Details

2
GHSA
GHSA-r62r-q8j9-cw33: The external node classifier (ENC) API in Foreman before 1β†—2022-05-05
β–Ά
CVEList
CVE-2013-0174: The external node classifier (ENC) API in Foreman before 1β†—2014-05-08
β–Ά
CVE-2013-0174 β€” Sensitive Information Exposure | cvebase