CVE-2016-4475

The (1) Organization and (2) Locations APIs and UIs in Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3 allow remote authenticated users to bypass organization and location restrictions and (a) read, (b) edit, or (c) delete arbitrary organizations or locations via unspecified vectors.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:theforeman:foreman:1.12.0:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*

Information

Published : 2016-08-19 14:59

Updated : 2023-02-12 15:21


NVD link : CVE-2016-4475

Mitre link : CVE-2016-4475


JSON object : View

CWE
CWE-254

7PK - Security Features

Advertisement

dedicated server usa

Products Affected

theforeman

  • foreman