CVE-2013-4180

Redhat Openstack < 1.2.1 - Improper Input Validation

Title source: rule

Description

The (1) power and (2) ipmi_boot actions in the HostController in Foreman before 1.2.2 allow remote attackers to cause a denial of service (memory consumption) via unspecified input that is converted to a symbol.

References (3)

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2013-1196.html

[Patch] http://theforeman.org/manuals/1.2/index.html#Releasenotesfor1.2.2

[Issue Tracking] http://projects.theforeman.org/issues/2860

Scores

EPSS 0.0094

EPSS Percentile 75.9%

Classification

CWE

CWE-20

Status draft

Affected Products (5)

redhat/openstack

theforeman/foreman < 1.2.1

theforeman/foreman

Timeline

Published Sep 16, 2013

Tracked Since Feb 18, 2026