CVE-2016-2100
Published 2016-05-20
Priority: P427 · CVSS 3.0: 5.4 (medium) · AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
EPSS: 1.17% (63.6th percentile)
Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read, modify, or delete private bookmarks by leveraging the (1) edit_bookmarks or (2) destroy_bookmarks permission.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| theforeman | foreman | <= 1.10.2 | — |
| theforeman | foreman | — | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 5.4 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
| nvd | 2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
| vendor_cisco | — | 9.0 | CRITICAL | — |
| vendor_redhat | — | 5.4 | MEDIUM | — |
GHSA
GHSA-96w5-w762-fpvr (ghsa_unreviewed, 2022-05-14): CVE-2016-2100 [MEDIUM] CWE-284
Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read, modify, or delete private bookmarks by leveraging the (1) edit_bookmarks or (2) destroy_bookmarks permission.
Cisco
CVE-2016-6373 [CRITICAL] CWE-78: Cisco Cloud Services Platform 2100 Command Injection Vulnerability (vendor_cisco, 2016-09-21, CVSS 9.0)
A vulnerability in the web-based GUI of the Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user.
The vulnerability is due to insufficient sanitization of user-supplied input. An attacker could exploit this vulnerability by authenticating to the affected system with administrative privileges and inserting arbitrary commands. An exploit could allow the attacker to execute arbitrary commands on the host operating system with the privileges of root.
Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.
This advisory is
Cisco
CVE-2016-6374 [HIGH] CWE-20: Cisco Cloud Services Platform 2100 Remote Command Execution Vulnerability (vendor_cisco, 2016-09-21, CVSS 7.5)
A vulnerability in the web interface of Cisco Cloud Services Platform (CSP) 2100 could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.
The vulnerability is due to insufficient sanitization of specific values received as part of a user-supplied HTTP request. An attacker could exploit this vulnerability by sending a malicious dnslookup request to the affected system. An exploit could allow the attacker to execute arbitrary code with the privileges of the user.
Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/sec
Red Hat
CVE-2016-2100 [MEDIUM] CWE-200: foreman: Unprivileged user can access private bookmarks of other users (vendor_redhat, 2015-02-13, CVSS 5.4)
It was found that access to private bookmarks of users is not properly restricted in Foreman. This could allow an attacker to view the search terms used in these bookmarks which should be private.
- Package: foreman (OpenStack Foreman): Under investigation
- Package: foreman (Red Hat Ceph Storage 1.3): Under investigation
- Package: foreman (Red Hat Enterprise Linux OpenStack Platform 6 (Juno) Installer): Under investigation
Cisco (second index entry for CVE-2016-6373, vendor_cisco; advisory text as above)
CWE: CWE-78
Bug IDs: CSCva00541
Cisco (second index entry for CVE-2016-6374, vendor_cisco; advisory text as above)
CWE: CWE-20
Bug IDs: CSCuz89093
No detection rules found.
No public exploits indexed.
References:
- http://projects.theforeman.org/issues/13828
- http://theforeman.org/security.html#2016-2100
- http://www.openwall.com/lists/oss-security/2016/03/31/2
- https://access.redhat.com/errata/RHBA-2016:1500
Published: 2016-05-20