CVE-2021-3494Cleartext Transmission of Sensitive Info in Foreman

CWE-319Cleartext Transmission of Sensitive Info4 documents4 sources
Severity
5.9MEDIUMNVD
EPSS
0.3%
top 49.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Theforeman Foreman
Timeline
PublishedApr 26
Latest updateMay 24

Description

A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack. The FreeIPA module of Foreman smart proxy does not check the SSL certificate, thus, an unauthenticated attacker can perform actions in FreeIPA if certain conditions are met. The highest threat from this flaw is to system confidentiality. This flaw affects Foreman versions before 2.5.0.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

NVDtheforeman/foreman< 2.5.0
CVEListV5theforeman/foremanforeman 2.5.0

🔴Vulnerability Details

2
GHSA
GHSA-3wj7-9qg6-8h3x: A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack2022-05-24
CVEList
CVE-2021-3494: A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack2021-04-26

📋Vendor Advisories

1
Red Hat
foreman: possible man-in-the-middle in smart_proxy realm_freeipa2021-04-09
CVE-2021-3494 — Theforeman Foreman vulnerability | cvebase