CVE

CVE-2016-4475 (foreman)

admin

CVE-2016-4475 (foreman)

The (1) Organization and (2) Locations APIs and UIs in Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3 allow remote authenticated users to bypass organization and location restrictions and (a) read, (b) edit, or (c) delete arbitrary organizations or locations via unspecified vectors.

Source: CVE-2016-4475 (foreman)

Exit mobile version