7.5
CVSSv2

CVE-2013-0210

Published: 08/05/2014 Updated: 08/05/2014
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The smart proxy Puppet run API in Foreman prior to 1.2.0 allows remote attackers to execute arbitrary commands via vectors related to escaping and Puppet commands.

Affected Products

Vendor Product Versions
TheforemanForeman0.1, 0.2, 0.3, 0.4, 0.4.1, 1.0