Foreman · Foreman-Tasks · CVE-2019-10198
Name of the Vulnerable Software and Affected Versions:
foreman-tasks versions prior to 0.15.7
Description:
An authentication bypass issue was found, allowing an unauthenticated user to view task details through the web UI or API if they can discover or guess the UUID of the task.
Recommendations:
For versions prior to 0.15.7, update to version 0.15.7 or later to resolve the issue.