← Back

Foreman Tasks

foreman-tasks

Vendor: Theforeman • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-10198
2Redhat
Theforeman
2Foreman Tasks
Satellite
Nov 21, 2024
Jul 31, 2019
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously, commit tasks were searched through find_resource, which performed authorization checks. After the change to Foreman, an un...Show more
An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously, commit tasks were searched through find_resource, which performed authorization checks. After the change to Foreman, an unauthenticated user can view the details of a task through the web UI or API, if they can discover or guess the UUID of the task.Show less