Actions
Bug #25001
closed
CVE-2018-14643 rubygem-smart_proxy_dynflow: Authentication bypass in Foreman remote execution feature
Difficulty:
Triaged:
No
Bugzilla link:
Fixed in Releases:
Found in Releases:
Description
We have discovered a critical vulnerability in the Foreman Remote Execution feature, allowing an unauthorized remote attacker to perform arbitrary code execution on managed hosts.
The affected component is Smart Proxy Dynflow, that exposes critical end-points without proper authorization.
The affected version of smart_proxy_dynflow package are 0.1.8 and later (Foreman >= 1.15)
This issue has been introduced as a regression with [1], where adding alternative authorization mechanism for async callback from remote hosts caused the original authorization to by bypassed.
Updated by The Foreman Bot over 5 years ago
- Status changed from New to Ready For Testing
- Assignee set to Ivan Necas
- Pull request https://github.com/theforeman/smart_proxy_dynflow/pull/54 added
Updated by Ivan Necas over 5 years ago
- Status changed from Ready For Testing to Closed
Applied in changeset foreman_proxy_dynflow|4b5779bc11e8f0b92649e4de062335698114689c.
Updated by Ivan Necas over 5 years ago
- Subject changed from CVE-2018-14643 rubygem-smart_proxy_dynflow: Authentication bypass in Foreman remote execution feature to CVE-2018-14643 rubygem-smart_proxy_dynflow: Authentication bypass in Foreman remote execution feature
- Fixed in Releases smart_proxy_dynflow-0.1.11 (Foreman 1.15), smart_proxy_dynflow-0.2.1 (Foreman 1.18) added
Updated by Ivan Necas about 5 years ago
- Related to Feature #21605: Make authentication extendable added
Actions