Bug 2162972
| Summary: | Satellite/Foreman: Arbitrary code execution via Provisioning Settings | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | ybuenos |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED DUPLICATE | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | bbuckingham, bcourt, btotty, ehelms, jsherril, lzap, mhulan, myarboro, nmoumoul, orabin, pcreech, rchan, security-response-team |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to execute arbitrary code on the underlying operating system by editing the Transpiler Command in Provisioning Settings.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2023-01-24 09:41:49 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2162974, 2163695 | ||
| Bug Blocks: | 2162363 | ||
|
Description
ybuenos
2023-01-22 14:02:57 UTC
*** This bug has been marked as a duplicate of bug 2140577 *** |