CVE-2013-4386

Published: 20/11/2013 Updated: 13/08/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman prior to 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter.

Affected Products

Vendor | Product | Versions
Redhat | Openstack | 3.0
Theforeman | Foreman | 1.2.0, 1.2.1, 1.2.2

Vendor Advisories

Synopsis: Moderate: Foreman security update. Type/Severity: Security Advisory: Moderate. Topic: Updated Foreman packages that fix one security issue are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scori ...
Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter ...