A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HTheforeman Foreman
APPTheforemanwszystkie wersje
Powiązane podatności
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in t...
An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. A malicious atta...
A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauth...
A command injection flaw was found in foreman. This flaw allows an authenticated user with admin privileges on...
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary...