CVE-2013-2113 | Vulnerability Database | Aqua Security

The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create or edit other users to gain privileges by (1) changing the admin flag or (2) assigning an arbitrary role.

Affected Software

Name	Vendor	Start Version	End Version
Openstack	Redhat	3.0 (including)	3.0 (including)
Foreman	Theforeman	*	1.2.0 (including)
Foreman	Theforeman	1.1 (including)	1.1 (including)
OpenStack 3 for RHEL 6	RedHat	ruby193-foreman-0:1.1.10009-3.el6ost	*
OpenStack 3 for RHEL 6	RedHat	ruby193-foreman-proxy-0:1.1.10001-4.el6ost	*
OpenStack 3 for RHEL 6	RedHat	ruby193-openstack-foreman-installer-0:0.0.18-1.el6ost	*
OpenStack 3 for RHEL 6	RedHat	ruby193-rubygem-ancestry-0:1.3.0-5.el6ost	*
OpenStack 3 for RHEL 6	RedHat	ruby193-rubygem-fog-0:1.10.1-11.el6ost	*
OpenStack 3 for RHEL 6	RedHat	ruby193-rubygem-mysql-0:2.8.1-4.el6ost	*
OpenStack 3 for RHEL 6	RedHat	ruby193-rubygem-safemode-0:1.2.0-9.el6ost	*

References

http://projects.theforeman.org/issues/2630
http://rhn.redhat.com/errata/RHSA-2013-0995.html
https://bugzilla.redhat.com/show_bug.cgi?id=968166
https://groups.google.com/forum/#%21topic/foreman-users/6WpO_3ugiXU

NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-2113
CWE	https://cwe.mitre.org/data/definitions/264.html