#VU10749 Information disclosure in Foreman - CVE-2016-4995

Cybersecurity Help s.r.o.

Published: 2018-02-27

Vulnerability identifier: #VU10749

Vulnerability risk: Low

CVSSv4.0: 2.3 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-4995

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Foreman
Web applications / Remote management & hosting panels

Vendor: Foreman

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to improper restriction of access to preview provisioning templates. A remote attacker with permissions to preview host templates can access the template preview for any host if they are able to guess the host name, and access potentially sensitive information.

Mitigation
Update to versions 1.11.4 or 1.12.1.

Vulnerable software versions

Foreman: 1.11.0 - 1.12.0

External links
https://theforeman.org/security.html#2016-4995

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Red Hat update for Satellite 6.3

Information disclosure in Foreman