CVE Vulnerabilities

CVE-2014-0192

Published: May 08, 2014 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Foreman 1.4.0 before 1.5.0 does not properly restrict access to provisioning template previews, which allows remote attackers to obtain sensitive information via the hostname parameter, related to spoof.

Affected Software

Name Vendor Start Version End Version
Foreman Theforeman 1.4.1 1.4.1
Foreman Theforeman 1.4.3 1.4.3
Foreman Theforeman 1.4.2 1.4.2
Foreman Theforeman 1.4.0 1.4.0
Foreman Theforeman 1.4.4 1.4.4

References