Public exploit available: public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2013-2113: Improper Authorization in Foreman

Severity: 6.0 MEDIUM (NVD)
EPSS: 47.4% (top 2.30%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Jul 31, 2013; latest update May 14, 2022

Description

The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users who hold permission to create or edit other users to gain privileges by (1) changing the admin flag or (2) assigning an arbitrary role. The vendor advisory and bug report below attribute the flaw to mass assignment: the controller accepted the admin flag and role assignment from the request parameters instead of restricting them.

CVSS vector

AV:N/AC:M/C:P/I:P/A:P (Exploitability: 6.8 | Impact: 6.4)

Affected Packages: 2 packages

Vulnerability Details (2)

GHSA: GHSA-5f23-fjp4-22q7: The create method in app/controllers/users_controller (2022-05-14)
CVE List: CVE-2013-2113: The create method in app/controllers/users_controller (2013-07-31)

Exploits & PoCs (1)

Exploit-DB: Foreman (RedHat OpenStack/Satellite) - users/create Mass Assignment (Metasploit) (2013-08-22)

Vendor Advisories (1)

Red Hat: Foreman: app/controllers/users_controller.rb arbitrary admin user creation due to mass assignment (2013-06-07)

Community (1)

Bugzilla: CVE-2013-2113 Foreman: app/controllers/users_controller.rb arbitrary admin user creation due to mass assignment (2013-05-24)

Source: CVE-2013-2113 - Improper Authorization in Foreman | cvebase