Date: Fri, 27 May 2016 14:34:23 +0200
From: Marek Hulán <mhulan@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2016-4451: Privileges escalation through Organization and Locations Foreman API

CVE-2016-4451: Privilege escalation through Organization and Locations API

When accessing Foreman as a user limited to a specific organization, a user who
knows another organization's id and has unlimited filters can access or modify
that other organization's data. They only have to pass the id as an API parameter.

Mitigation: when you limit a user by assigning them a particular organization or
location, make sure their filters are also restricted to organizations or locations.
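To make the gap concrete, here is a small added illustration written for this
post; it is not Foreman's code, and the User, Host, role-filter flag and lookup
functions are hypothetical stand-ins. It shows a lookup that trusts the
organization id from the API parameter (the vulnerable pattern), the same
lookup with the requested organization checked against the user's assignments,
and the audit the mitigation above calls for: finding users who are limited to
organizations but still carry unlimited filters.

```ruby
# Added illustration, not Foreman code. Models the authorization gap behind
# CVE-2016-4451 with hypothetical stand-in types and functions.

class AuthorizationError < StandardError; end

Host = Struct.new(:id, :name, :organization_id)
# unlimited_filter: true models a role filter with no organization/location
# restriction, the precondition the advisory names.
User = Struct.new(:login, :organization_ids, :unlimited_filter)

# Constructed sample inventory: one host in each of two organizations.
HOSTS = [
  Host.new(10, "web01.org-a.example", 1),
  Host.new(20, "db01.org-b.example", 2),
].freeze

# Constructed sample users: both are assigned only to organization 1; they
# differ in whether their role filter is restricted to that organization.
SCOPED_USER    = User.new("alice", [1], false).freeze
UNLIMITED_USER = User.new("bob",   [1], true).freeze

# Vulnerable pattern: the organization id comes straight from the API
# parameter, and an unlimited role filter means the user's assigned
# organizations are never consulted, so any known organization id is readable.
def vulnerable_hosts_for(user, params)
  org_id = Integer(params[:organization_id])
  visible = if user.unlimited_filter
              HOSTS
            else
              HOSTS.select { |h| user.organization_ids.include?(h.organization_id) }
            end
  visible.select { |h| h.organization_id == org_id }
end

# Hardened pattern: regardless of how broad the role filter is, the requested
# organization must be one the user is actually assigned to before any lookup.
def hardened_hosts_for(user, params)
  org_id = Integer(params[:organization_id])
  unless user.organization_ids.include?(org_id)
    raise AuthorizationError, "#{user.login} is not assigned to organization #{org_id}"
  end
  HOSTS.select { |h| h.organization_id == org_id }
end

# Mitigation audit: users limited to particular organizations whose filters
# are still unlimited need those filters scoped to organizations/locations.
def users_needing_scoped_filters(users)
  users.select { |u| u.unlimited_filter && !u.organization_ids.empty? }.map(&:login)
end

if __FILE__ == $PROGRAM_NAME
  # bob is assigned only to org 1 but, with an unlimited filter, reads org 2
  p vulnerable_hosts_for(UNLIMITED_USER, { organization_id: "2" }).map(&:name)
  # alice, with a scoped filter, sees nothing outside her organization
  p vulnerable_hosts_for(SCOPED_USER, { organization_id: "2" }).map(&:name)
  begin
    hardened_hosts_for(UNLIMITED_USER, { organization_id: "2" })
  rescue AuthorizationError => e
    puts "denied: #{e.message}"
  end
  p users_needing_scoped_filters([SCOPED_USER, UNLIMITED_USER])
end
```

The point of the hardened lookup is that the organization check is made against
the user's own assignments, not against the role filter; a filter that happens
to be unlimited then no longer widens what an organization-limited user can reach.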

Affects Foreman 1.7 and higher.

Patch available at https://github.com/theforeman/foreman/pull/3553
Fix released in Foreman 1.11.3 (to be released)
For more information, please see the Redmine issue:
http://projects.theforeman.org/issues/15182

--
Marek

