An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. A malicious attacker can use this flaw to remotely execute arbitrary commands on machines managed by vulnerable Foreman instances, in a highly privileged context.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTheforeman Foreman
APPTheforemanwszystkie wersje
Powiązane podatności
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in t...
A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauth...
A command injection flaw was found in foreman. This flaw allows an authenticated user with admin privileges on...
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary...
A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the API to an auth...