Описание
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file.
Уязвимые конфигурации
Конфигурация 1Версия до 1.4.4 (включая)
Одно из
cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.5.0:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06395
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
redhat
больше 11 лет назад
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file.
debian
больше 11 лет назад
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows ...
github
больше 3 лет назад
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file.
EPSS
Процентиль: 91%
0.06395
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other