Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 28 Mar 2018 10:53:44 +0300
From: Tomer Brisker <tbrisker@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Foreman 1.9+ SQL injection in dashboard page

CVE-2018-1096: One of the parameters passed when saving widget positions on
the dashboard was not properly escaped leading to possibility of SQL
injection. Due to the nature of the query, exploitation is limited to
possible information disclosure and does not allow modifications to the
database. The vulnerable endpoint is only available to authenticated users.

Affects Foreman 1.9 and higher.

Patch available at https://github.com/theforeman/foreman/pull/5363
Fix will be released in Foreman 1.16.1.
For more information see: http://projects.theforeman.org/issues/23028

-- 
Have a nice day,
Tomer Brisker
Red Hat Engineering

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ