CVE-2016-4995: Infoleak
First published: Wed Jun 22 2016(Updated: )
Dominic Cleal of Red Hat reports: Users who are logged in with permissions to view some hosts are able to preview provisioning templates for any host by specifying its hostname in the URL, as the specific view_hosts permissions and filters aren't checked. If the organization or location features are enabled, the user will still be restricted to their associated orgs/locs. This can disclose configuration information about the host, including root password hashes if used in preseed/kickstart templates. Upstream bug: <a href="http://projects.theforeman.org/issues/15490">http://projects.theforeman.org/issues/15490</a> Proposed patch: <a href="https://github.com/theforeman/foreman/pull/2428">https://github.com/theforeman/foreman/pull/2428</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Theforeman Foreman | >=1.11.0<1.11.4 | |
| Theforeman Foreman | >=1.12.0<1.12.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://projects.theforeman.org/issues/15490
- https://github.com/theforeman/foreman/pull/2428
- https://access.redhat.com/errata/RHSA-2018:0336
- https://bugzilla.redhat.com/show_bug.cgi?id=1348939
- http://projects.theforeman.org/projects/foreman/repository/revisions/c3c186de12be15e55d9582e54659f765304a1073
- https://theforeman.org/security.html#2016-4995
- collector/nvd-index
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-4995
- agent/remedy
- agent/severity
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/theforeman
- canonical/theforeman foreman
- version/theforeman foreman/1.11.0
- version/theforeman foreman/1.12.0