CVE-2013-0210

Foreman < 1.2.0 - Remote Code Execution via Smart Proxy Puppet Run API

Title source: llm
STIX 2.1

Description

The smart proxy Puppet run API in Foreman before 1.2.0 allows remote attackers to execute arbitrary commands via vectors related to escaping and Puppet commands.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
http://theforeman.org/security.html

Scores

EPSS 0.0185
EPSS Percentile 76.5%

Details

CWE
CWE-94
Status published
Products (6)
theforeman/foreman 0.1
theforeman/foreman 0.2
theforeman/foreman 0.3
theforeman/foreman 0.4
theforeman/foreman 0.4.1
theforeman/foreman < 1.0
Published May 08, 2014
Tracked Since Feb 18, 2026