CVE Vulnerabilities

CVE-2013-4182

Published: Sep 16, 2013 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote attackers to access arbitrary hosts via an API request.

Affected Software

Name Vendor Start Version End Version
Openstack Redhat 3.0 (including) 3.0 (including)

References