Описание
An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Satellite 6 | tfm-rubygem-foreman_ansible | Affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-306
https://bugzilla.redhat.com/show_bug.cgi?id=1969265foreman_ansible: authenticated user can access host through job_template
8 High
CVSS3
Связанные уязвимости
CVSS3: 8
nvd
почти 4 года назад
An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS3: 8
github
почти 4 года назад
Missing Authentication for Critical Function in Foreman Ansible
8 High
CVSS3