cbcvebase.

Theforeman Foreman vulnerabilities

65 known vulnerabilities affecting theforeman/foreman.

Total CVEs
65
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH18MEDIUM44LOW1

Vulnerabilities

Page 3 of 4
CVE-2017-15100P4MEDIUMCVSS 6.1fixed in 1.16.02017-11-27
CVE-2017-15100 [MEDIUM] CWE-79 CVE-2017-15100: An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: (1) Facts page, when clicking on the "chart" button and hovering over the chart; (2) Trends page, when checking the graph for a trend based on a such fact; (3) Statistics page, for facts that are aggregated on this page.
nvd
CVE-2018-14664P4MEDIUMCVSS 5.4v1.18.02018-10-12
CVE-2018-14664 [MEDIUM] CWE-79 CVE-2018-14664: A flaw was found in foreman from versions 1.18. A stored cross-site scripting vulnerability exists d A flaw was found in foreman from versions 1.18. A stored cross-site scripting vulnerability exists due to an improperly escaped HTML code in the breadcrumbs bar. This allows a user with permissions to edit which attribute is used in the breadcrumbs bar to store code that will be executed on the client side.
nvd
CVE-2015-5233P4MEDIUMCVSS 4.2≤ 1.8.3v1.9.02016-04-11
CVE-2015-5233 [MEDIUM] CWE-264 CVE-2015-5233: Foreman before 1.8.4 and 1.9.x before 1.9.1 do not properly apply view_hosts permissions, which allo Foreman before 1.8.4 and 1.9.x before 1.9.1 do not properly apply view_hosts permissions, which allows (1) remote authenticated users with the view_reports permission to read reports from arbitrary hosts or (2) remote authenticated users with the destroy_reports permission to delete reports from arbitrary hosts via direct access to the (a) individual
nvd
CVE-2015-3155P4MEDIUMCVSS 5.0≤ 1.8.02015-08-14
CVE-2015-3155 [MEDIUM] CWE-284 CVE-2015-3155: Foreman before 1.8.1 does not set the secure flag for the _session_id cookie in an https session, wh Foreman before 1.8.1 does not set the secure flag for the _session_id cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
nvd
CVE-2016-8634P4MEDIUMCVSS 5.4v1.14.02018-08-01
CVE-2016-8634 [MEDIUM] CWE-79 CVE-2016-8634: A vulnerability was found in foreman 1.14.0. When creating an organization or location in Foreman, i A vulnerability was found in foreman 1.14.0. When creating an organization or location in Foreman, if the name contains HTML then the second step of the wizard (/organizations/id/step2) will render the HTML. This occurs in the alertbox on the page. The result is a stored XSS attack if an organization/location with HTML in the name is created, then a us
nvd
CVE-2016-6320P4MEDIUMCVSS 5.4≤ 1.12.12016-08-19
CVE-2016-6320 [MEDIUM] CWE-79 CVE-2016-6320: Cross-site scripting (XSS) vulnerability in app/assets/javascripts/host_edit_interfaces.js in Forema Cross-site scripting (XSS) vulnerability in app/assets/javascripts/host_edit_interfaces.js in Foreman before 1.12.2 allows remote authenticated users to inject arbitrary web script or HTML via the network interface device identifier in the host interface form.
nvd
CVE-2015-5282P4MEDIUMCVSS 6.1v1.7.0v1.7.1+43 more2017-09-25
CVE-2015-5282 [MEDIUM] CWE-79 CVE-2015-5282: Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after. Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.
nvd
CVE-2014-3531P4MEDIUMCVSS 5.4≤ 1.5.12017-10-18
CVE-2014-3531 [MEDIUM] CWE-79 CVE-2014-3531: Multiple cross-site scripting (XSS) vulnerabilities in Foreman before 1.5.2 allow remote authenticat Multiple cross-site scripting (XSS) vulnerabilities in Foreman before 1.5.2 allow remote authenticated users to inject arbitrary web script or HTML via the operating system (1) name or (2) description.
nvd
CVE-2014-0192P4MEDIUMCVSS 5.0v1.4.0v1.4.1+3 more2014-05-08
CVE-2014-0192 [MEDIUM] CWE-264 CVE-2014-0192: Foreman 1.4.0 before 1.5.0 does not properly restrict access to provisioning template previews, whic Foreman 1.4.0 before 1.5.0 does not properly restrict access to provisioning template previews, which allows remote attackers to obtain sensitive information via the hostname parameter, related to "spoof."
nvd
CVE-2013-0173P4MEDIUMCVSS 5.0≤ 1.02014-05-08
CVE-2013-0173 [MEDIUM] CWE-310 CVE-2013-0173: Foreman before 1.1 uses a salt of "foreman" to hash root passwords, which makes it easier for attack Foreman before 1.1 uses a salt of "foreman" to hash root passwords, which makes it easier for attackers to guess the password via a brute force attack.
nvd
CVE-2015-1844P4MEDIUMCVSS 4.0≤ 1.7.42015-08-14
CVE-2015-1844 [MEDIUM] CWE-264 CVE-2015-1844: Foreman before 1.7.5 allows remote authenticated users to bypass organization and location restricti Foreman before 1.7.5 allows remote authenticated users to bypass organization and location restrictions by connecting through the REST API.
nvd
CVE-2013-4180P4MEDIUMCVSS 5.0≤ 1.2.1v1.2.02013-09-16
CVE-2013-4180 [MEDIUM] CWE-20 CVE-2013-4180: The (1) power and (2) ipmi_boot actions in the HostController in Foreman before 1.2.2 allow remote a The (1) power and (2) ipmi_boot actions in the HostController in Foreman before 1.2.2 allow remote attackers to cause a denial of service (memory consumption) via unspecified input that is converted to a symbol.
nvd
CVE-2014-0208P4MEDIUMCVSS 5.4≤ 1.4.32017-10-16
CVE-2014-0208 [MEDIUM] CWE-79 CVE-2014-0208: Cross-site scripting (XSS) vulnerability in the search auto-completion functionality in Foreman befo Cross-site scripting (XSS) vulnerability in the search auto-completion functionality in Foreman before 1.4.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted key name.
nvd
CVE-2020-10710P4MEDIUMCVSS 4.4fixed in 1.24.1.222022-08-16
CVE-2020-10710 [MEDIUM] CWE-522 CVE-2020-10710: A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellit A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer. This flaw allows an attacker with sufficiently high privileges, such as root, to retrieve the Candlepin plaintext password.
nvd
CVE-2018-16861P4MEDIUMCVSS 4.8fixed in 1.18.3≥ 1.19.0, < 1.19.1+1 more2018-12-07
CVE-2018-16861 [MEDIUM] CWE-79 CVE-2018-16861: A cross-site scripting (XSS) flaw was found in the foreman component of satellite. An attacker with A cross-site scripting (XSS) flaw was found in the foreman component of satellite. An attacker with privilege to create entries using the Hosts, Monitor, Infrastructure, or Administer Menus is able to execute a XSS attacks against other users, possibly leading to malicious code execution and extraction of the anti-CSRF token of higher privileged users
nvd
CVE-2016-7077P4MEDIUMCVSS 4.3fixed in 1.14.02018-09-10
CVE-2016-7077 [MEDIUM] CWE-285 CVE-2016-7077: foreman before 1.14.0 is vulnerable to an information leak. It was found that Foreman form helper do foreman before 1.14.0 is vulnerable to an information leak. It was found that Foreman form helper does not authorize options for associated objects. Unauthorized user can see names of such objects if their count is less than 6.
nvd
CVE-2016-7078P4MEDIUMCVSS 4.3v1.15.02018-09-10
CVE-2016-7078 [MEDIUM] CWE-285 CVE-2016-7078: foreman before version 1.15.0 is vulnerable to an information leak through organizations and locatio foreman before version 1.15.0 is vulnerable to an information leak through organizations and locations feature. When a user is assigned _no_ organizations/locations, they are able to view all resources instead of none (mirroring an administrator's view). The user's actions are still limited by their assigned permissions, e.g. to control viewing, editi
nvd
CVE-2015-1816P4MEDIUMCVSS 5.0≤ 1.7.32015-08-14
CVE-2015-1816 [MEDIUM] CWE-310 CVE-2015-1816: Forman before 1.7.4 does not verify SSL certificates for LDAP connections, which allows man-in-the-m Forman before 1.7.4 does not verify SSL certificates for LDAP connections, which allows man-in-the-middle attackers to spoof LDAP servers via a crafted certificate.
nvd
CVE-2014-3653P4MEDIUMCVSS 4.3≤ 1.6.02015-07-06
CVE-2014-3653 [MEDIUM] CWE-79 CVE-2014-3653: Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 al Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template.
nvd
CVE-2015-7518P4MEDIUMCVSS 4.3≤ 1.9.32015-12-17
CVE-2015-7518 [MEDIUM] CWE-79 CVE-2015-7518: Multiple cross-site scripting (XSS) vulnerabilities in information popups in Foreman before 1.10.0 a Multiple cross-site scripting (XSS) vulnerabilities in information popups in Foreman before 1.10.0 allow remote attackers to inject arbitrary web script or HTML via (1) global parameters, (2) smart class parameters, or (3) smart variables in the (a) host or (b) hostgroup edit forms.
nvd
Theforeman Foreman vulnerabilities | cvebase