ehelms authored and evgeni committed Sep 28, 2023
1 parent 8457a8b commit 4a709dc
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions security.md
Expand Up @@ -15,6 +15,7 @@ The policy of the project is to treat all newly reported issues as private, and

All security advisories made for Foreman are listed below with their corresponding [CVE identifier](https://cve.mitre.org/).

* [CVE-2022-4130: Blind SSRF via Referer header](security.html#2022-4130)
* [CVE-2022-3874: OS command injection via ct_command and fcct_command](security.html#2022-3874)
* [CVE-2021-3584: Remote code execution through Sendmail configuration](security.html#2021-3584)
* [CVE-2021-20256: BMC controller credential leak via API](security.html#2021-20256)
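Review bot: the new list entry links to `security.html#2022-4130`, so the disclosure section added in the same commit must carry a matching `<a id="2022-4130">` anchor; it does, and placing the entry above CVE-2022-3874 keeps the list in descending CVE order like the neighbouring items.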
Expand Down Expand Up @@ -88,6 +89,15 @@ All security advisories made for Foreman are listed below with their correspondi

### Disclosure details

#### <a id="2022-4130"></a>CVE-2022-4130: Blind SSRF via Referer header

A blind site-to-site request forgery vulnerability was found in Satellite server.
It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.

* Affects Foreman
* Fix released in Foreman 3.8.0
* Redmine issue [#36768](https://projects.theforeman.org/issues/36768)

#### <a id="2022-3874"></a>CVE-2022-3874: OS command injection via ct_command and fcct_command

`ct_command` and `fcct_command` settings, available via Administer - Settings, both accept arbitrary
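Review bot: the first sentence of the new disclosure expands the vulnerability class incorrectly: the heading says "Blind SSRF", but the body reads "blind site-to-site request forgery", which should be "server-side request forgery". The same sentence also says the issue was found in "Satellite server" while the bullets say "Affects Foreman"; for consistency with the other entries, name Foreman (optionally noting that Satellite is the downstream product). Finally, "specific resources in the server" leaves the reader unable to tell which endpoints are exposed; either name them or state that the linked Redmine issue [#36768] has the details.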
