Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-5152

Опубликовано: 17 июл. 2017
Источник: debian
EPSS Низкий

Описание

Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a man-in-the-middle attack.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
foremanitppackage

EPSS

Процентиль: 52%
0.00291
Низкий

Связанные уязвимости

redhat логотип

CVE-2015-5152

redhat
больше 10 лет назад

Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a man-in-the-middle attack.

nvd логотип

CVE-2015-5152

CVSS3: 8.1
nvd
больше 8 лет назад

Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a man-in-the-middle attack.

github логотип

GHSA-f78j-3cq3-m6p4

CVSS3: 8.1
github
больше 3 лет назад

Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a man-in-the-middle attack.

EPSS

Процентиль: 52%
0.00291
Низкий