PT-2016-5017 · Foreman · Foreman
Published: 2016-05-20 · Updated: 2023-02-13
CVE-2016-2100
CVSS v2.0: 6.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Foreman versions prior to 1.10.3
Foreman version 1.11.0 before 1.11.0-RC2
Description
The issue allows remote authenticated users to read, modify, or delete private bookmarks by leveraging the edit bookmarks or destroy bookmarks permission.
Recommendations
For Foreman versions prior to 1.10.3, update to version 1.10.3 or later.
For Foreman version 1.11.0 before 1.11.0-RC2, update to 1.11.0-RC2 or later.
Fix
Improper Access Control
Weakness Enumeration
Related Identifiers
Affected Products
Foreman