Description
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.
References
- Release Notes, Third Party Advisory
- Third Party Advisory
- Issue Tracking, Third Party Advisory
Vulnerable configurations
Configuration 1
cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*
Configuration 2
Version from 6.13 (inclusive) up to 6.13.3 (exclusive)
In combination
cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
EPSS: 0.00035 (Low), percentile: 10%
CVSS3: 9.1 Critical
Weaknesses
CWE-78
Related vulnerabilities
CVSS3: 9.1
redhat
almost 3 years ago
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.
CVSS3: 9.1
debian
more than 2 years ago
An arbitrary code execution flaw was found in Foreman. This flaw allow ...
CVSS3: 8
github
more than 2 years ago
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.