CVE-2014-8183

Summary

It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources. An attacker with access to the API and knowledge of the resource name can access resources in other organizations.

Affected Software

VendorProductVersion RangeStatus
theforemanforeman1.x.x before 1.15.6affected

Weaknesses

  • CWE-284: CWE-284

ADP Enrichment

CVE Program Container

Additional References

References