CVE-2017-2662

Summary

A flaw was found in Foreman's katello plugin version 3.4.5. After setting a new role to allow restricted access on a repository with a filter (filter set on the Product Name), the filter is not respected when the actions are done via hammer using the repository id.

Affected Software

VendorProductVersion RangeStatus
The Foreman Projectforeman katello plugin3.4.5affected

Weaknesses

  • CWE-862: CWE-862

ADP Enrichment

CVE Program Container

Additional References

References