PT-2023-16025 · Foreman+1 · Foreman+1

Ybuenos

Publicado

2023-09-20

Atualizado

2024-05-03

CVE-2023-0118

CVSS v3.1

9.1

Crítica

Vetor

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Foreman (affected versions not specified)

Description An arbitrary code execution flaw was found in Foreman, allowing an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78

Identificadores relacionados

CVE-2023-0118

RHSA-2023:4466

RHSA-2023:5979

RHSA-2023:5980

RHSA-2023:6818

Produtos afetados

Foreman

Rocky Linux

PT-2023-16025 · Foreman+1 · Foreman+1

CVE-2023-0118

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 15