 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2016-4995 |
| Description: | Foreman before 1.11.4 and 1.12.x before 1.12.1 does not properly restrict access to preview provisioning templates, which allows remote authenticated users with permission to view some hosts to obtain sensitive host configuration information via a URL with a hostname. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.106420 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-4995 RHSA-2018:0336 https://access.redhat.com/errata/RHSA-2018:0336 http://projects.theforeman.org/issues/15490 http://projects.theforeman.org/issues/15490 http://projects.theforeman.org/projects/foreman/repository/revisions/c3c186de12be15e55d9582e54659f765304a1073 http://projects.theforeman.org/projects/foreman/repository/revisions/c3c186de12be15e55d9582e54659f765304a1073 https://theforeman.org/security.html#2016-4995 https://theforeman.org/security.html#2016-4995 |