Skip to main content

Foreman

55 CVEs product

Monthly

CVE-2024-7700 MEDIUM This Month

A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Foreman
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-4886 MEDIUM This Month

A sensitive information exposure vulnerability was found in foreman. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Tomcat Information Disclosure Foreman Satellite
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2023-0462 CRITICAL Act Now

An arbitrary code execution flaw was found in Foreman. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Foreman Satellite
NVD
CVSS 3.1
9.1
EPSS
1.0%
CVE-2023-0118 CRITICAL Act Now

An arbitrary code execution flaw was found in Foreman. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Foreman Satellite
NVD
CVSS 3.1
9.1
EPSS
1.4%
CVE-2021-3584 HIGH PATCH This Week

A server side remote code execution vulnerability was found in Foreman project. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Command Injection Foreman Satellite
NVD GitHub
CVSS 3.1
7.2
EPSS
3.9%
CVE-2021-3469 MEDIUM This Month

Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Foreman
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2021-3494 MEDIUM This Month

A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Foreman
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2019-3893 MEDIUM This Month

In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Foreman Satellite
NVD GitHub
CVSS 3.1
4.9
EPSS
1.9%
CVE-2018-16861 MEDIUM PATCH This Month

A cross-site scripting (XSS) flaw was found in the foreman component of satellite. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

CSRF XSS RCE Foreman
NVD
CVSS 3.0
4.8
EPSS
0.9%
CVE-2018-14664 MEDIUM This Month

A flaw was found in foreman from versions 1.18. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Foreman
NVD
CVSS 3.0
5.4
EPSS
1.1%
CVE-2018-14643 Ruby CRITICAL PATCH Act Now

An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Foreman
NVD GitHub
CVSS 3.0
9.8
EPSS
6.0%
CVE-2018-1096 MEDIUM This Month

An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Foreman Satellite
NVD
CVSS 3.0
6.5
EPSS
1.4%
CVE-2018-1097 HIGH This Week

A flaw was found in foreman before 1.16.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Foreman Satellite
NVD GitHub
CVSS 3.0
8.8
EPSS
1.8%
CVE-2017-15100 MEDIUM PATCH This Month

An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: (1) Facts page, when clicking on the "chart" button and hovering over the chart; (2) Trends. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Foreman Satellite Satellite Capsule
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
CVE-2014-3531 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Foreman before 1.5.2 allow remote authenticated users to inject arbitrary web script or HTML via the operating system (1) name or (2). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Foreman
NVD GitHub
CVSS 3.0
5.4
EPSS
0.3%
CVE-2014-0208 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the search auto-completion functionality in Foreman before 1.4.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted key. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Foreman
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2015-5246 HIGH PATCH This Week

The LDAP Authentication functionality in Foreman might allow remote attackers with knowledge of old passwords to gain access via vectors involving the password lifetime period in Active Directory. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Foreman
NVD
CVSS 3.0
8.1
EPSS
0.7%
CVE-2015-5282 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Foreman
NVD GitHub
CVSS 3.0
6.1
EPSS
0.4%
CVE-2015-5152 HIGH This Week

Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Foreman
NVD
CVSS 3.0
8.1
EPSS
0.3%
CVE-2017-7505 HIGH PATCH This Week

Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users with user management permission who are assigned to some organization(s) can do all operations granted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Foreman
NVD GitHub
CVSS 3.0
8.8
EPSS
0.3%
CVE-2016-6320 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in app/assets/javascripts/host_edit_interfaces.js in Foreman before 1.12.2 allows remote authenticated users to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Foreman
NVD GitHub
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-6319 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in app/helpers/form_helper.rb in Foreman before 1.12.2, as used by Remote Execution and possibly other plugins, allows remote attackers to inject arbitrary. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Foreman
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2016-5390 MEDIUM PATCH This Month

Foreman before 1.11.4 and 1.12.x before 1.12.1 allow remote authenticated users with the view_hosts permission containing a filter to obtain sensitive network interface information via a request to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Foreman
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-4995 MEDIUM PATCH This Month

Foreman before 1.11.4 and 1.12.x before 1.12.1 does not properly restrict access to preview provisioning templates, which allows remote authenticated users with permission to view some hosts to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Foreman
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-4475 HIGH PATCH This Week

The (1) Organization and (2) Locations APIs and UIs in Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3 allow remote authenticated users to bypass organization and location restrictions and (a). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Foreman
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-4451 MEDIUM PATCH This Month

The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 and 1.12.x before 1.12.0-RC1 allow remote authenticated users with unlimited filters to bypass organization and location. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable.

Authentication Bypass Foreman
NVD
CVSS 3.0
5.0
EPSS
0.1%
CVE-2016-3728 HIGH This Week

Eval injection vulnerability in tftp_api.rb in the TFTP module in the Smart-Proxy in Foreman before 1.10.4 and 1.11.x before 1.11.2 allows remote attackers to execute arbitrary code via the PXE. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Authentication Bypass Foreman
NVD GitHub
CVSS 3.0
8.8
EPSS
2.0%
CVE-2016-2100 MEDIUM This Month

Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read, modify, or delete private bookmarks by leveraging the (1) edit_bookmarks or (2) destroy_bookmarks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Foreman
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2015-5233 MEDIUM PATCH This Month

Foreman before 1.8.4 and 1.9.x before 1.9.1 do not properly apply view_hosts permissions, which allows (1) remote authenticated users with the view_reports permission to read reports from arbitrary. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable.

Privilege Escalation Foreman Satellite
NVD
CVSS 3.0
4.2
EPSS
0.2%
CVE-2015-7518 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in information popups in Foreman before 1.10.0 allow remote attackers to inject arbitrary web script or HTML via (1) global parameters, (2) smart. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Foreman
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-3235 MEDIUM This Month

Foreman before 1.9.0 allows remote authenticated users with the edit_users permission to edit administrator users and change their passwords via unspecified vectors. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Foreman
NVD
CVSS 2.0
6.0
EPSS
0.6%
CVE-2015-3155 MEDIUM PATCH This Month

Foreman before 1.8.1 does not set the secure flag for the _session_id cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Foreman
NVD GitHub
CVSS 2.0
5.0
EPSS
0.6%
CVE-2015-1844 MEDIUM PATCH This Month

Foreman before 1.7.5 allows remote authenticated users to bypass organization and location restrictions by connecting through the REST API. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Foreman
NVD GitHub
CVSS 2.0
4.0
EPSS
0.3%
CVE-2015-1816 MEDIUM This Month

Forman before 1.7.4 does not verify SSL certificates for LDAP connections, which allows man-in-the-middle attackers to spoof LDAP servers via a crafted certificate. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Foreman
NVD GitHub
CVSS 2.0
5.0
EPSS
0.2%
CVE-2014-3653 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Foreman
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-3691 HIGH PATCH This Week

Smart Proxy (aka Smart-Proxy and foreman-proxy) in Foreman before 1.5.4 and 1.6.x before 1.6.2 does not validate SSL certificates, which allows remote attackers to bypass intended authentication and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Openstack Foreman
NVD GitHub
CVSS 2.0
7.5
EPSS
0.1%
CVE-2014-3492 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in the host YAML view in Foreman before 1.4.5 and 1.5.x before 1.5.1 allow remote attackers to inject arbitrary web script or HTML via a parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Foreman
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-3491 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to inject arbitrary web script or HTML via the Name field to the New Host groups page,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Foreman
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-4507 MEDIUM PATCH This Month

Directory traversal vulnerability in Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to overwrite arbitrary files via a .. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Foreman
NVD
CVSS 2.0
6.4
EPSS
0.8%
CVE-2014-0007 HIGH POC PATCH This Week

The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Foreman
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
6.4%
CVE-2014-0192 MEDIUM POC PATCH This Month

Foreman 1.4.0 before 1.5.0 does not properly restrict access to provisioning template previews, which allows remote attackers to obtain sensitive information via the hostname parameter, related to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Foreman
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2014-0090 MEDIUM This Month

Session fixation vulnerability in Foreman before 1.4.2 allows remote attackers to hijack web sessions via the session id cookie. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Foreman
NVD
CVSS 2.0
6.8
EPSS
0.6%
CVE-2013-0210 HIGH This Week

The smart proxy Puppet run API in Foreman before 1.2.0 allows remote attackers to execute arbitrary commands via vectors related to escaping and Puppet commands. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Foreman
NVD
CVSS 2.0
7.5
EPSS
0.5%
CVE-2013-0187 MEDIUM This Month

Foreman before 1.1 allows remote authenticated users to gain privileges via a (1) XMLHttpRequest or (2) AJAX request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Foreman
NVD
CVSS 2.0
6.5
EPSS
0.5%
CVE-2013-0174 MEDIUM This Month

The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Foreman
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-0173 MEDIUM This Month

Foreman before 1.1 uses a salt of "foreman" to hash root passwords, which makes it easier for attackers to guess the password via a brute force attack. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Foreman
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-0171 HIGH This Week

Foreman before 1.1 allows remote attackers to execute arbitrary code via a crafted YAML object to the (1) fact or (2) report import API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Foreman
NVD
CVSS 2.0
7.5
EPSS
3.2%
CVE-2012-5477 LOW Monitor

The smart proxy in Foreman before 1.1 uses a umask set to 0, which allows local users to modify files created by the daemon via unspecified vectors. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Foreman
NVD
CVSS 2.0
3.6
EPSS
0.1%
CVE-2012-5648 HIGH This Week

Multiple SQL injection vulnerabilities in Foreman before 1.0.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) app/models/hostext/search.rb or (2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Foreman
NVD GitHub VulDB
CVSS 2.0
7.5
EPSS
0.7%
CVE-2014-0089 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in app/views/common/500.html.erb in Foreman 1.4.x before 1.4.2 allows remote authenticated users to inject arbitrary web script or HTML via the bookmark name. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Foreman
NVD VulDB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-4386 HIGH PATCH This Week

Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

SQLi Openstack Foreman
NVD
CVSS 2.0
7.5
EPSS
0.5%
CVE-2013-4182 HIGH PATCH This Week

app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote attackers to access arbitrary hosts via an API request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Openstack Foreman
NVD
CVSS 2.0
7.5
EPSS
0.7%
CVE-2013-4180 MEDIUM PATCH This Month

The (1) power and (2) ipmi_boot actions in the HostController in Foreman before 1.2.2 allow remote attackers to cause a denial of service (memory consumption) via unspecified input that is converted. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Openstack Foreman
NVD
CVSS 2.0
5.0
EPSS
0.9%
CVE-2013-2121 MEDIUM POC THREAT This Month

Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create bookmarks to execute arbitrary. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 60.9%.

Code Injection RCE Openstack Foreman
NVD Exploit-DB
CVSS 2.0
6.0
EPSS
60.9%
Threat
4.5
CVE-2013-2113 MEDIUM POC THREAT This Month

The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create or edit other users to gain privileges by (1). Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 47.4%.

Privilege Escalation Openstack Foreman
NVD Exploit-DB
CVSS 2.0
6.0
EPSS
47.4%
Threat
4.1
EPSS 1% CVSS 6.5
MEDIUM This Month

A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Foreman
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A sensitive information exposure vulnerability was found in foreman. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Tomcat Information Disclosure Foreman +1
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

An arbitrary code execution flaw was found in Foreman. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Foreman +1
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

An arbitrary code execution flaw was found in Foreman. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Foreman +1
NVD
EPSS 4% CVSS 7.2
HIGH PATCH This Week

A server side remote code execution vulnerability was found in Foreman project. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Command Injection Foreman +1
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM This Month

Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Foreman
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Foreman
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Foreman Satellite
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM PATCH This Month

A cross-site scripting (XSS) flaw was found in the foreman component of satellite. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

CSRF XSS RCE +1
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A flaw was found in foreman from versions 1.18. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Foreman
NVD
EPSS 6% CVSS 9.8
CRITICAL PATCH Act Now

An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Foreman
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM This Month

An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Foreman Satellite
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A flaw was found in foreman before 1.16.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Foreman Satellite
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: (1) Facts page, when clicking on the "chart" button and hovering over the chart; (2) Trends. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Foreman Satellite +1
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Foreman before 1.5.2 allow remote authenticated users to inject arbitrary web script or HTML via the operating system (1) name or (2). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Foreman
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the search auto-completion functionality in Foreman before 1.4.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted key. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Foreman
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

The LDAP Authentication functionality in Foreman might allow remote attackers with knowledge of old passwords to gain access via vectors involving the password lifetime period in Active Directory. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Foreman
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Foreman
NVD GitHub
EPSS 0% CVSS 8.1
HIGH This Week

Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Foreman
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users with user management permission who are assigned to some organization(s) can do all operations granted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Foreman
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in app/assets/javascripts/host_edit_interfaces.js in Foreman before 1.12.2 allows remote authenticated users to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Foreman
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in app/helpers/form_helper.rb in Foreman before 1.12.2, as used by Remote Execution and possibly other plugins, allows remote attackers to inject arbitrary. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Foreman
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Foreman before 1.11.4 and 1.12.x before 1.12.1 allow remote authenticated users with the view_hosts permission containing a filter to obtain sensitive network interface information via a request to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Foreman
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Foreman before 1.11.4 and 1.12.x before 1.12.1 does not properly restrict access to preview provisioning templates, which allows remote authenticated users with permission to view some hosts to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Foreman
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

The (1) Organization and (2) Locations APIs and UIs in Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3 allow remote authenticated users to bypass organization and location restrictions and (a). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Foreman
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 and 1.12.x before 1.12.0-RC1 allow remote authenticated users with unlimited filters to bypass organization and location. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable.

Authentication Bypass Foreman
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Eval injection vulnerability in tftp_api.rb in the TFTP module in the Smart-Proxy in Foreman before 1.10.4 and 1.11.x before 1.11.2 allows remote attackers to execute arbitrary code via the PXE. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Authentication Bypass Foreman
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM This Month

Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read, modify, or delete private bookmarks by leveraging the (1) edit_bookmarks or (2) destroy_bookmarks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Foreman
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Foreman before 1.8.4 and 1.9.x before 1.9.1 do not properly apply view_hosts permissions, which allows (1) remote authenticated users with the view_reports permission to read reports from arbitrary. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable.

Privilege Escalation Foreman Satellite
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in information popups in Foreman before 1.10.0 allow remote attackers to inject arbitrary web script or HTML via (1) global parameters, (2) smart. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Foreman
NVD
EPSS 1% CVSS 6.0
MEDIUM This Month

Foreman before 1.9.0 allows remote authenticated users with the edit_users permission to edit administrator users and change their passwords via unspecified vectors. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Foreman
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Foreman before 1.8.1 does not set the secure flag for the _session_id cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Foreman
NVD GitHub
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Foreman before 1.7.5 allows remote authenticated users to bypass organization and location restrictions by connecting through the REST API. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Foreman
NVD GitHub
EPSS 0% CVSS 5.0
MEDIUM This Month

Forman before 1.7.4 does not verify SSL certificates for LDAP connections, which allows man-in-the-middle attackers to spoof LDAP servers via a crafted certificate. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Foreman
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Foreman
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Smart Proxy (aka Smart-Proxy and foreman-proxy) in Foreman before 1.5.4 and 1.6.x before 1.6.2 does not validate SSL certificates, which allows remote attackers to bypass intended authentication and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Openstack Foreman
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in the host YAML view in Foreman before 1.4.5 and 1.5.x before 1.5.1 allow remote attackers to inject arbitrary web script or HTML via a parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Foreman
NVD
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to inject arbitrary web script or HTML via the Name field to the New Host groups page,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Foreman
NVD
EPSS 1% CVSS 6.4
MEDIUM PATCH This Month

Directory traversal vulnerability in Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to overwrite arbitrary files via a .. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Foreman
NVD
EPSS 6% CVSS 7.5
HIGH POC PATCH This Week

The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Foreman
NVD Exploit-DB
EPSS 0% CVSS 5.0
MEDIUM POC PATCH This Month

Foreman 1.4.0 before 1.5.0 does not properly restrict access to provisioning template previews, which allows remote attackers to obtain sensitive information via the hostname parameter, related to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Foreman
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Session fixation vulnerability in Foreman before 1.4.2 allows remote attackers to hijack web sessions via the session id cookie. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Foreman
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The smart proxy Puppet run API in Foreman before 1.2.0 allows remote attackers to execute arbitrary commands via vectors related to escaping and Puppet commands. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Foreman
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Foreman before 1.1 allows remote authenticated users to gain privileges via a (1) XMLHttpRequest or (2) AJAX request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Foreman
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Foreman
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Foreman before 1.1 uses a salt of "foreman" to hash root passwords, which makes it easier for attackers to guess the password via a brute force attack. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Foreman
NVD
EPSS 3% CVSS 7.5
HIGH This Week

Foreman before 1.1 allows remote attackers to execute arbitrary code via a crafted YAML object to the (1) fact or (2) report import API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Foreman
NVD
EPSS 0% CVSS 3.6
LOW Monitor

The smart proxy in Foreman before 1.1 uses a umask set to 0, which allows local users to modify files created by the daemon via unspecified vectors. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Foreman
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Multiple SQL injection vulnerabilities in Foreman before 1.0.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) app/models/hostext/search.rb or (2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Foreman
NVD GitHub VulDB
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in app/views/common/500.html.erb in Foreman 1.4.x before 1.4.2 allows remote authenticated users to inject arbitrary web script or HTML via the bookmark name. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Foreman
NVD VulDB
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

SQLi Openstack Foreman
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote attackers to access arbitrary hosts via an API request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Openstack Foreman
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

The (1) power and (2) ipmi_boot actions in the HostController in Foreman before 1.2.2 allow remote attackers to cause a denial of service (memory consumption) via unspecified input that is converted. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Openstack Foreman
NVD
EPSS 61% 4.5 CVSS 6.0
MEDIUM POC THREAT This Month

Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create bookmarks to execute arbitrary. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 60.9%.

Code Injection RCE Openstack +1
NVD Exploit-DB
EPSS 47% 4.1 CVSS 6.0
MEDIUM POC THREAT This Month

The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create or edit other users to gain privileges by (1). Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 47.4%.

Privilege Escalation Openstack Foreman
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy