app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote attackers to access arbitrary hosts via an API request.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2013-09-16T19:00:00Z

Updated: 2024-08-06T16:38:01.749Z

Reserved: 2013-06-12T00:00:00Z

Link: CVE-2013-4182

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-09-16T19:14:38.817

Modified: 2023-02-13T04:45:02.247

Link: CVE-2013-4182

cve-icon Redhat

Severity : Important

Publid Date: 2013-09-03T00:00:00Z

Links: CVE-2013-4182 - Bugzilla