Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 27 May 2016 14:34:23 +0200
From: Marek Hulán <mhulan@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2016-4451: Privileges escalation through Organization and Locations Foreman API

CVE-2016-4451: Privilege escalation through Organization and Locations API

When accessing Foreman as a user limited to specific organization, if users 
know other organization id and have unlimited filters they can access/modify 
other organization data. They just have to set the id as API parameter.

Mitigation: make sure you have filters restricted to organizations or locations 
when you limit user by assigning him particular organization or location.

Affects Foreman 1.7 and higher

Patch available at https://github.com/theforeman/foreman/pull/3553
Fix released in Foreman 1.11.3 (to be released)
For more information please see Redmine issue 
http://projects.theforeman.org/issues/15182

--
Marek


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.