Latest Theforeman Vulnerabilities

CVE-2023-4886
Foreman: world readable file containing secrets
Theforeman Foreman<3.8.0
Redhat Satellite=6.0
CVE-2023-0462
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload.
Theforeman Foreman<3.8.0
Redhat Satellite>=6.0
redhat/foreman<3.8.0
CVE-2023-0118
Foreman: arbitrary code execution through templates
Theforeman Foreman
Redhat Satellite>=6.13<6.13.3
Redhat Enterprise Linux=8.0
redhat/foreman<6.13.3
Redhat Satellite>=6.13<6.13.3
Redhat Enterprise Linux=8.0
CVE-2022-3874
A command injection flaw was found in foreman. This flaw allows an authenticated user with admin privileges on the foreman instance to transpile commands through CoreOS and Fedora CoreOS configuration...
rubygems/foreman<=3.8.0
Redhat Satellite=6.0
Theforeman Foreman
CVE-2021-3589
An attacker with elevated privileges can utilize Ansible functions to carry out actions as the Foreman-proxy user on the system. The prerequisite for this is that the hosts must have already been adde...
Theforeman Foreman Ansible<7.1.0
Redhat Satellite=6.0
CVE-2021-3590
A credential leak vulnerability was found in Foreman through Azure Compute Profile. This flaw exposes the compute profile credentials to the all authenticated users with "view_compute_profiles" permis...
Theforeman Foreman>=1.6.0
Redhat Satellite=6.0
CVE-2021-3584
A server side remote code execution vulnerability was found in Foreman project. A authenticated attacker could use Sendmail configuration options to overwrite the defaults and perform command injectio...
Theforeman Foreman<2.4.1
Theforeman Foreman>=2.5.0<2.5.1
Theforeman Foreman=3.0.0-rc1
Theforeman Foreman=3.0.0-rc2
Redhat Satellite=6.0
CVE-2021-3469
Theforeman Foreman<2.3.4
CVE-2021-3457
An improper authorization handling flaw was found in Foreman. The Shellhooks plugin for the smart-proxy allows Foreman clients to execute actions that should be limited to the Foreman Server. This fla...
Theforeman Smart Proxy Shell Hooks<0.9.2
CVE-2021-3494
A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack. The FreeIPA module of Foreman smart proxy does not c...
redhat/foreman<2.5.0
Theforeman Foreman<2.5.0
CVE-2021-3456
On Foreman, Salt plugin for smart-proxy introduce a flaw which allows any client to perform actions of Foreman Server.
Theforeman Smart Proxy Salt<=2.1.5
CVE-2021-20290
On Foreman, OpenSCAP plugin for smart-proxy introduce a flaw which allows any client to perform actions of Foreman Server. OpenSCAP plugin and a Client system that has Puppet installed with certs sign...
Theforeman Openscap<0.9.1
redhat/smart_proxy_openscap<0.9.1
CVE-2021-20260
A password leak was identified on Foreman project which will expose password in plaintext through Foreman Datacenter plugin.
Theforeman Foreman
CVE-2021-20259
A password leak was identified on Foreman project which will expose Proxmox compute resource password in plaintext through the compute host API.
redhat/foreman_fog_proxmox<0.13.1
Theforeman Foremanfogproxmox<0.13.1
CVE-2021-3413
A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azure_rm in versions before 2.2.0. A credential leak was identified which will expose Azure Resource Manager's secret key through JSON of t...
redhat/tfm-rubygem-foreman_azure_rm<2.2.0
Theforeman Foreman Azurerm<2.2.0
Redhat Satellite=6.0
CVE-2020-10716
The "User input" entry from Job Invocation may contain plaintext password or other sensitive data. As a result, anyone who could view the job invocation could see it. The fix was to restrict the abil...
redhat/tfm-rubygem-foreman_ansible<4.0.3.4
Redhat Satellite=6.7
Redhat Satellite Capsule=6.7
Theforeman Foreman Ansible<4.0.3.4
CVE-2020-10710
A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer. This flaw allows an attacker with sufficiently high privileges, s...
Theforeman Foreman<1.24.1.22
redhat/foreman-installer<1.24.1.22
CVE-2014-0241
rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable
Theforeman Hammer Cli
Redhat Satellite=6.0
CVE-2014-0091
Foreman has improper input validation which could lead to partial Denial of Service
Theforeman Foreman
debian
CVE-2013-4120
Theforeman Katello
CVE-2013-0283
Katello: Username in Notification page has cross site scripting
Theforeman Katello
CVE-2013-2101
Katello has multiple XSS issues in various entities
Theforeman Katello
Redhat Satellite=6.0
CVE-2019-14825
A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without bei...
redhat/ansiblerole-insights-client<0:1.6-2.el7
redhat/ansible-runner<0:1.3.4-2.el7a
redhat/candlepin<0:2.6.9-1.el7
redhat/foreman<0:1.22.0.32-1.el7
redhat/foreman-bootloaders-redhat<0:201901011200-1.el7
redhat/foreman-installer<1:1.22.0.16-1.el7
and 268 more
CVE-2019-10198
An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously, commit tasks were searched through find_resource, which performed authorization checks. After the chan...
redhat/ansiblerole-insights-client<0:1.6-2.el7
redhat/ansible-runner<0:1.3.4-2.el7a
redhat/candlepin<0:2.6.9-1.el7
redhat/foreman<0:1.22.0.32-1.el7
redhat/foreman-bootloaders-redhat<0:201901011200-1.el7
redhat/foreman-installer<1:1.22.0.16-1.el7
and 269 more
CVE-2019-3893
In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resourc...
Theforeman Foreman>=1.20.0<1.20.3
Theforeman Foreman>=1.21.0<1.21.1
Redhat Satellite=6.0
CVE-2018-14623
A SQL injection flaw was found in katello's errata-related API. An authenticated remote attacker can craft input data to force a malformed SQL query to the backend database, which will leak internal I...
Theforeman Katello>=3.10.0
CVE-2018-16861
A cross-site scripting (XSS) flaw was found in the foreman component of satellite. An attacker with privilege to create entries using the Hosts, Monitor, Infrastructure, or Administer Menus is able to...
Theforeman Foreman<1.18.3
Theforeman Foreman>=1.19.0<1.19.1
Theforeman Foreman=1.20.0-rc1
Theforeman Foreman=1.20.0-rc2
CVE-2018-16887
A cross-site scripting (XSS) flaw was found in the katello component of Satellite. An attacker with privilege to create/edit organizations and locations is able to execute a XSS attacks against other ...
Redhat Satellite=6.0
Theforeman Katello<3.9.0
CVE-2018-14664
A flaw was found in foreman from versions 1.18. A stored cross-site scripting vulnerability exists due to an improperly escaped HTML code in the breadcrumbs bar. This allows a user with permissions to...
Theforeman Foreman=1.18.0
CVE-2018-14643
An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. A malicious attacker can use this flaw to remotely execute arbitrary commands on machines managed by vulne...
Theforeman Foreman
CVE-2016-7078
foreman before version 1.15.0 is vulnerable to an information leak through organizations and locations feature. When a user is assigned _no_ organizations/locations, they are able to view all resource...
Theforeman Foreman=1.15.0
CVE-2016-8634
A vulnerability was found in foreman 1.14.0. When creating an organization or location in Foreman, if the name contains HTML then the second step of the wizard (/organizations/id/step2) will render th...
Theforeman Foreman=1.14.0
CVE-2016-8613
A flaw was found in foreman 1.5.1. The remote execution plugin runs commands on hosts over SSH from the Foreman web UI. When a job is submitted that contains HTML tags, the console output shown in the...
Theforeman Foreman=1.5.1
CVE-2017-7535
foreman before version 1.16.0 is vulnerable to a stored XSS in organizations/locations assignment to hosts. Exploiting this requires a user to actively assign hosts to an organization that contains ht...
Theforeman Foreman<1.16.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203