The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create or edit other users to gain privileges by (1) changing the admin flag or (2) assigning an arbitrary role.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Openstack | Redhat | 3.0 (including) | 3.0 (including) |
| Foreman | Theforeman | * | 1.2.0 (including) |
| Foreman | Theforeman | 1.1 (including) | 1.1 (including) |
| OpenStack 3 for RHEL 6 | RedHat | ruby193-foreman-0:1.1.10009-3.el6ost | * |
| OpenStack 3 for RHEL 6 | RedHat | ruby193-foreman-proxy-0:1.1.10001-4.el6ost | * |
| OpenStack 3 for RHEL 6 | RedHat | ruby193-openstack-foreman-installer-0:0.0.18-1.el6ost | * |
| OpenStack 3 for RHEL 6 | RedHat | ruby193-rubygem-ancestry-0:1.3.0-5.el6ost | * |
| OpenStack 3 for RHEL 6 | RedHat | ruby193-rubygem-fog-0:1.10.1-11.el6ost | * |
| OpenStack 3 for RHEL 6 | RedHat | ruby193-rubygem-mysql-0:2.8.1-4.el6ost | * |
| OpenStack 3 for RHEL 6 | RedHat | ruby193-rubygem-safemode-0:1.2.0-9.el6ost | * |
References
- http://projects.theforeman.org/issues/2630
- http://rhn.redhat.com/errata/RHSA-2013-0995.html
- https://bugzilla.redhat.com/show_bug.cgi?id=968166
- https://groups.google.com/forum/#%21topic/foreman-users/6WpO_3ugiXU
- http://projects.theforeman.org/issues/2630
- http://rhn.redhat.com/errata/RHSA-2013-0995.html
- https://bugzilla.redhat.com/show_bug.cgi?id=968166
- https://groups.google.com/forum/#%21topic/foreman-users/6WpO_3ugiXU