CVE-2013-4182
published 2013-09-16CVE-2013-4182: app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote attackers to access…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote attackers to access arbitrary hosts via an API request.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | openstack | — | — |
| theforeman | foreman | <= 1.2.1 | — |
| theforeman | foreman | — | — |