NVD

Id
39832  
Name
CVE-2013-4182  
Description
app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote attackers to access arbitrary hosts via an API request.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2013-09-16  
Modified Date
2013-09-17  
Seq
2013-4182  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
202624 39832 CVE-2013-4182 http://projects.theforeman.org/issues/2863  View
202625 39832 CVE-2013-4182 RHSA-2013:1196  View
202626 39832 CVE-2013-4182 http://theforeman.org/manuals/1.2/index.html#Releasenotesfor1.2.2  View
202627 39832 CVE-2013-4182 https://bugzilla.redhat.com/show_bug.cgi?id=990374  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
22589 JVNDB-2013-004164 Foreman の app/controllers/api/v1/hosts_controller.rb における任意のホストにアクセスされる脆弱性 Foreman の app/controllers/api/v1/hosts_controller.rb は、ホストへのアクセスを適切に制限しないため、任意のホストにアクセスされる脆弱性が存在します。 CVE-2013-4182 64124 CVE-2013-4182 39832 7.5 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004164.html 2013-07-30 2013-09-19 View