CVE-2015-3235

Sažetak

Foreman before 1.9.0 allows remote authenticated users with the edit_users permission to edit administrator users and change their passwords via unspecified vectors.

Reference

https://access.redhat.com/errata/RHSA-2015:1592
https://access.redhat.com/errata/RHSA-2015:1591
http://projects.theforeman.org/issues/10829
https://bugzilla.redhat.com/show_bug.cgi?id=1232366
http://theforeman.org/manuals/1.9/index.html#Releasenotesfor1.9

CVSS

Base:	6.0
Impact:	6.4
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

13-02-2023 - 00:48

Objavljeno

14-08-2015 - 18:59