cbcvebase.
CVE-2021-3590
published 2022-08-22

CVE-2021-3590: A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password through JSON of the API output. The…

PriorityP348high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.56%
42.2th percentile
A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Affected

3 ranges
VendorProductVersion rangeFixed in
redhatsatellite
theforemanforeman
theforemanforeman>= 1.6.0

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_redhat8.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.