CVE-2016-4475

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 02-06-2016 02:00

Last modified: - 02-06-2016 02:00

Total changes: - 10

Description

CVE-2016-4475 foreman: API and UI actions/URLs not limited to the orgs/locations assigned

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:S/C:P/I:P/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

Low

Confidentiality

Low

Integrity

-

Privileges required

-

Scope

-

User interaction

4.9

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=foreman-0 AND versionEndExcluding=1.11.0.51-1.el6sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.1

AND

product=foreman-installer-1 AND versionEndExcluding=1.11.0.10-1.el6sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.1

AND

product=foreman-proxy-0 AND versionEndExcluding=1.11.0.5-1.el6sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.1

AND

product=pulp-0 AND versionEndExcluding=2.8.3.4-1.el6sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.1

AND

product=satellite-0 AND versionEndExcluding=6.2.1-1.2.el6sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.1

AND

product=tfm-rubygem-foreman_discovery-0 AND versionEndExcluding=5.0.0.9-1.el6sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.1

AND

product=tfm-rubygem-hammer_cli_foreman_admin-0 AND versionEndExcluding=0.0.5-1.el6sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.1

AND

product=tfm-rubygem-hammer_cli_katello-0 AND versionEndExcluding=0.0.22.25-1.el6sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.1

AND

product=tfm-rubygem-katello-0 AND versionEndExcluding=3.0.0.70-1.el6sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.1

AND

product=tfm-rubygem-ovirt_provision_plugin-0 AND versionEndExcluding=1.0.2-1.el6sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.1

AND

product=foreman-0 AND versionEndExcluding=1.11.0.51-1.el7sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.2

AND

product=foreman-installer-1 AND versionEndExcluding=1.11.0.10-1.el7sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.2

AND

product=foreman-proxy-0 AND versionEndExcluding=1.11.0.5-1.el7sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.2

AND

product=pulp-0 AND versionEndExcluding=2.8.3.4-1.el7sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.2

AND

product=satellite-0 AND versionEndExcluding=6.2.1-1.2.el7sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.2

AND

product=tfm-rubygem-foreman_discovery-0 AND versionEndExcluding=5.0.0.9-1.el7sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.2

AND

product=tfm-rubygem-hammer_cli_foreman_admin-0 AND versionEndExcluding=0.0.5-1.el7sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.2

AND

product=tfm-rubygem-hammer_cli_katello-0 AND versionEndExcluding=0.0.22.25-1.el7sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.2

AND

product=tfm-rubygem-katello-0 AND versionEndExcluding=3.0.0.70-1.el7sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.2

AND

product=tfm-rubygem-ovirt_provision_plugin-0 AND versionEndExcluding=1.0.2-1.el7sat

vendor=Red Hat Enterprise Linux AND product=satellite_capsule AND version=6.2

AND

product=foreman AND version=

vendor=Red Hat Enterprise Linux AND product=openstack-installer AND version=5

AND

product=foreman AND version=

vendor=Red Hat Enterprise Linux AND product=ceph_storage AND version=1.3

AND

product=foreman AND version=

vendor=Red Hat Enterprise Linux AND product=openstack-installer AND version=6

Reference

Keywords

REDHAT

CVE-2016-4475

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.