Description
Foreman since version 1.5 is vulnerable to an incorrect authorization check: users who hold user-management permissions and are assigned to one or more organizations can perform every operation granted by those permissions on all administrator user objects outside their scope, such as editing global admin accounts, including changing their passwords.
References (3)
http://www.securityfocus.com/bid/98607 (Third Party Advisory, VDB Entry; vdb-entry, x_refsource_bid)
http://projects.theforeman.org/issues/19612 (Issue Tracking, Patch, Vendor Advisory; x_refsource_confirm)
https://github.com/theforeman/foreman/pull/4545 (Patch, Vendor Advisory; x_refsource_confirm)
Scores
CVSS v3: 8.8
EPSS: 0.0159
EPSS Percentile: 72.6%
Attack Vector: NETWORK
Vector string: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-269, CWE-863
Status: published
Products (32)
Foreman/foreman: 1.5 and higher
theforeman/foreman: 1.5.0 (3 CPE variants)
theforeman/foreman: 1.5.1
theforeman/foreman: 1.5.2
theforeman/foreman: 1.5.3
theforeman/foreman: 1.6.0 (3 CPE variants)
theforeman/foreman: 1.6.1
theforeman/foreman: 1.6.3
theforeman/foreman: 1.7.0 (3 CPE variants)
theforeman/foreman: 1.7.1
... and 22 more
Published: May 26, 2017
Tracked Since: Feb 18, 2026