Bug #31937: CVE-2021-20256 foreman: BMC controller credential leak via API - Foreman

Actions

Bug #31937

closed

CVE-2021-20256 foreman: BMC controller credential leak via API

Added by Evgeni Golov about 4 years ago. Updated about 4 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Category:

Security

Target version:

Difficulty:

Triaged:

No

Bugzilla link:

Pull request:

https://github.com/theforeman/foreman/pull/8349

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

A password leak was identified on Foreman which will expose BMC password in plaintext through the host API.

Actions

#4

Updated by Evgeni Golov about 4 years ago

Status changed from Ready For Testing to Closed

Applied in changeset foreman|93f87b351bba75395e26fb693956aaac8741f8fa.

Actions

Also available in: Atom PDF