CVE-2015-5152: Infoleak

First published: Wed Jul 15 2015(Updated: )

Dominic Cleal of Red Hat reports: The "require_ssl" setting (in /etc/foreman/settings.yml) should enforce that web requests sent to Foreman over HTTP are redirected to HTTPS, but this was found not to happen with API requests (e.g. from Hammer CLI). Foreman will process API requests over HTTP, but should have redirected. Redirection won't help with credentials having already been sent, but should give some notification that the user/app is using the wrong URL. Affects all versions of Foreman since 1.1. The issue has already been fixed since Foreman 1.9.0-RC1 via a refactor in #10471. To mitigate this with Apache, add a stanza to the HTTP VirtualHost (e.g. in /etc/httpd/conf.d/05-foreman.d/api_redirect.conf) similar to: RewriteEngine On RewriteRule ^/api/(.*) <a href="https://%{SERVER_NAME}/api/$1">https://%{SERVER_NAME}/api/$1</a> [R,L] External reference: <a href="http://projects.theforeman.org/issues/11119">http://projects.theforeman.org/issues/11119</a>

Credit: secalert@redhat.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/references
• agent/type
• agent/softwarecombine
• agent/first-publish-date
• collector/mitre-cve
• source/MITRE
• collector/redhat-bugzilla
• source/Red Hat
• alias/CVE-2015-5152
• agent/last-modified-date
• agent/weakness
• agent/severity
• agent/author
• agent/description
• agent/event
• agent/trending
• agent/source
• agent/tags
• collector/nvd-index
• agent/software-canonical-lookup-request
• vendor/theforeman
• canonical/theforeman foreman
• version/theforeman foreman/1.1-1
• version/theforeman foreman/1.2.0
• version/theforeman foreman/1.2.0-rc1
• version/theforeman foreman/1.2.0-rc2
• version/theforeman foreman/1.2.0-rc3
• version/theforeman foreman/1.2.1
• version/theforeman foreman/1.2.2
• version/theforeman foreman/1.2.3
• version/theforeman foreman/1.3.0
• version/theforeman foreman/1.3.0-rc1
• version/theforeman foreman/1.3.0-rc2
• version/theforeman foreman/1.3.0-rc3
• version/theforeman foreman/1.3.0-rc4
• version/theforeman foreman/1.3.1
• version/theforeman foreman/1.3.2
• version/theforeman foreman/1.4.0
• version/theforeman foreman/1.4.0-rc1
• version/theforeman foreman/1.4.0-rc2
• version/theforeman foreman/1.4.1
• version/theforeman foreman/1.4.2
• version/theforeman foreman/1.4.3
• version/theforeman foreman/1.4.4
• version/theforeman foreman/1.4.5
• version/theforeman foreman/1.5.0
• version/theforeman foreman/1.5.1
• version/theforeman foreman/1.5.2
• version/theforeman foreman/1.5.3
• version/theforeman foreman/1.6.0
• version/theforeman foreman/1.6.0-rc1
• version/theforeman foreman/1.6.0-rc2
• version/theforeman foreman/1.6.1
• version/theforeman foreman/1.7.0
• version/theforeman foreman/1.7.0-rc1
• version/theforeman foreman/1.7.0-rc2
• version/theforeman foreman/1.7.1
• version/theforeman foreman/1.7.2
• version/theforeman foreman/1.7.3
• version/theforeman foreman/1.7.4
• version/theforeman foreman/1.7.5
• version/theforeman foreman/1.8.0
• version/theforeman foreman/1.8.0-rc1
• version/theforeman foreman/1.8.0-rc2
• version/theforeman foreman/1.8.0-rc3
• version/theforeman foreman/1.8.1
• version/theforeman foreman/1.8.2
• version/theforeman foreman/1.8.3