Actions
Bug #33417
closedThe login page exposes version of the foreman
Difficulty:
Triaged:
Yes
Bugzilla link:
Pull request:
Description
The login page displays the version of the Foreman. That simplifies the search for the unpatched - vulnerable systems in the organization by unauthenticated user.
Updated by The Foreman Bot over 3 years ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/8775 added
Updated by Evgeni Golov over 3 years ago
So does the `status` enpoint (don't send 'Accept: text/html' or you'll get a bad request):
# curl https://foreman.example.com/status/ {"result":"ok","status":"ok","version":"3.0.0","db_duration_ms":"2"}
Updated by Anonymous about 3 years ago
- Status changed from Ready For Testing to Closed
Applied in changeset foreman|35076bff03e78ab26742b3b133d231ca29445101.
Actions