CVE-2021-3584
Published 2021-12-23. CVE-2021-3584: A server side remote code execution vulnerability was found in Foreman project. A authenticated attacker could use Sendmail configuration options to overwrite…
Priority: P3 · 51 · high · 7.2 (CVSS 3.1)
Vector: AV:N / AC:L / PR:H / UI:N / S:U / C:H / I:H / A:H
EPSS: 3.89% (88.9th percentile)
A server side remote code execution vulnerability was found in the Foreman project. An authenticated attacker could use Sendmail configuration options to overwrite the defaults and perform command injection. The highest threat from this vulnerability is to the confidentiality, integrity and availability of the system. Fixed releases are 2.4.1, 2.5.1, 3.0.0.
Affected (5 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | satellite | — | — |
| theforeman | foreman | < 2.4.1 | 2.4.1 |
| theforeman | foreman | — | — |
| theforeman | foreman | — | — |
| theforeman | foreman | >= 2.5.0 < 2.5.1 | 2.5.1 |
CVSS provenance

| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 9.0 | CRITICAL | AV:N/AC:L/Au:S/C:C/I:C/A:C |
| vendor_redhat | — | 7.2 | HIGH | — |
GHSA
GHSA-x4xp-c8qv-8gww: A server side remote code execution vulnerability was found in Foreman project
Source: ghsa_unreviewed · 2021-12-24 · CVE-2021-3584 · HIGH · CWE-78
Red Hat
foreman: Authenticated remote code execution through Sendmail configuration
Source: vendor_redhat · 2021-06-16 · CVSS 7.2 · CVE-2021-3584 · HIGH · CWE-78
Mitigation: This vulnerability can be mitigated by setting the following
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2021-12-23