CVE-2013-2113

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 07-06-2013 02:00

Last modified: - 07-06-2013 02:00

Total changes: - 8

Description

CVE-2013-2113 Foreman: app/controllers/users_controller.rb arbitrary admin user creation due to mass assignment

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:S/C:N/I:P/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

None

Confidentiality

Low

Integrity

-

Privileges required

-

Scope

-

User interaction

3.5

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=ruby193-foreman-0 AND versionEndExcluding=1.1.10009-3.el6ost

vendor=Red Hat Enterprise Linux AND product=openstack AND version=3

AND

product=ruby193-foreman-proxy-0 AND versionEndExcluding=1.1.10001-4.el6ost

vendor=Red Hat Enterprise Linux AND product=openstack AND version=3

AND

product=ruby193-openstack-foreman-installer-0 AND versionEndExcluding=0.0.18-1.el6ost

vendor=Red Hat Enterprise Linux AND product=openstack AND version=3

AND

product=ruby193-rubygem-ancestry-0 AND versionEndExcluding=1.3.0-5.el6ost

vendor=Red Hat Enterprise Linux AND product=openstack AND version=3

AND

product=ruby193-rubygem-fog-0 AND versionEndExcluding=1.10.1-11.el6ost

vendor=Red Hat Enterprise Linux AND product=openstack AND version=3

AND

product=ruby193-rubygem-mysql-0 AND versionEndExcluding=2.8.1-4.el6ost

vendor=Red Hat Enterprise Linux AND product=openstack AND version=3

AND

product=ruby193-rubygem-safemode-0 AND versionEndExcluding=1.2.0-9.el6ost

vendor=Red Hat Enterprise Linux AND product=openstack AND version=3

Reference

Keywords

REDHAT

CVE-2013-2113

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.