1092354 – (CVE-2014-0192) CVE-2014-0192 Foreman: provisioning templates are world accessible

Bug 1092354 (CVE-2014-0192) - CVE-2014-0192 Foreman: provisioning templates are world accessible

Summary: CVE-2014-0192 Foreman: provisioning templates are world accessible

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	CVE-2014-0192
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1092832
Blocks:	1092357
TreeView+	depends on / blocked

Reported:	2014-04-29 07:07 UTC by Kurt Seifried
Modified:	2019-09-29 13:16 UTC (History)
CC List:	21 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2015-05-20 05:29:14 UTC
Embargoed:

Attachments	(Terms of Use)

Description Kurt Seifried 2014-04-29 07:07:51 UTC

Ohad Levy of Red Hat reports:

since 1e0fd283 it is possible to override spoof by providing a hostname parameters.

this would allow to retrieve any template of any host bypassing authentication.

External references:
http://projects.theforeman.org/issues/5436
http://projects.theforeman.org/projects/foreman/repository/revisions/1e0fd283180dc6bda30c880898cdea69cb579194

Fixed in:
https://github.com/theforeman/foreman/pull/1404
https://github.com/theforeman/foreman/commit/aa0ebe8

Comment 1 Dominic Cleal 2014-04-29 07:57:56 UTC

http://theforeman.org/security.html updated with statement.

Note You need to log in before you can comment on or make changes to this bug.

abaron
aortega
apevec
athomas
ayoung
bkearney
chrisw
cpelland
dcleal
gkotton
jrusnack
katello-bugs
kseifried
lhh
markmc
mmccune
rbryant
rhos-maint
sclewis
tjay
yeylon