Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action. Therefore, an attacker can log out a user by having them view specially crafted content.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2020-01-02T19:52:06
Updated: 2024-08-06T10:50:17.612Z
Reserved: 2014-05-14T00:00:00
Link: CVE-2014-3590
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-01-02T20:15:19.007
Modified: 2020-01-14T17:11:06.867
Link: CVE-2014-3590
Redhat