CVE-2014-3590

Summary

Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action. Therefore, an attacker can log out a user by having them view specially crafted content.

Affected Software

VendorProductVersion RangeStatus
Red Hat Satellite 6Red Hat Satellite 66affected

Weaknesses

  • Cross-Site Request Forgery

ADP Enrichment

CVE Program Container

Additional References

References