Bug #2631: Remote code execution in Foreman via bookmark controller name - Foreman

Actions

Copy link

Bug #2631

closed

Remote code execution in Foreman via bookmark controller name

Added by Dominic Cleal over 11 years ago. Updated over 11 years ago.

Status:

Closed

Priority:

Immediate

Assignee:

Joseph Magen

Category:

Security

Target version:

1.2.0

Difficulty:

Triaged:

Bugzilla link:

Pull request:

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

There is a code injection vulnerability in the create method of the Bookmarks controller. The create method uses the controller attribute of the newly created bookmark in an eval statement without sanitizing it.

This security issue has been assigned the identifier CVE-2013-2121. It affects all Foreman versions prior to 1.2.0-RC2.

Thank you to Ramon de C Valle for identifying and notifying us of this vulnerability.

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Custom queries

Bug #2631

Remote code execution in Foreman via bookmark controller name

Updated by Dominic Cleal over 11 years ago

Updated by Joseph Magen over 11 years ago