{"containers": {"cna": {"affected": [{"product": "foreman", "vendor": "Foreman", "versions": [{"status": "affected", "version": "1.15.0"}]}], "datePublic": "2016-10-18T00:00:00", "descriptions": [{"lang": "en", "value": "foreman before version 1.15.0 is vulnerable to an information leak through organizations and locations feature. When a user is assigned _no_ organizations/locations, they are able to view all resources instead of none (mirroring an administrator's view). The user's actions are still limited by their assigned permissions, e.g. to control viewing, editing and deletion."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-285", "description": "CWE-285", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-09-11T09:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/theforeman/foreman/commit/5f606e11cf39719bf62f8b1f3396861b32387905"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7078"}, {"name": "96385", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/96385"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://theforeman.org/security.html#2016-7078"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://projects.theforeman.org/issues/16982"}, {"name": "[oss-security] 20170222 CVE-2016-7078: Foreman organization/location authorization vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://seclists.org/oss-sec/2017/q1/470"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-7078", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "foreman", "version": {"version_data": [{"version_value": "1.15.0"}]}}]}, "vendor_name": "Foreman"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "foreman before version 1.15.0 is vulnerable to an information leak through organizations and locations feature. When a user is assigned _no_ organizations/locations, they are able to view all resources instead of none (mirroring an administrator's view). The user's actions are still limited by their assigned permissions, e.g. to control viewing, editing and deletion."}]}, "impact": {"cvss": [[{"vectorString": "4.3/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}], [{"vectorString": "3.5/AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0"}]]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-285"}]}]}, "references": {"reference_data": [{"name": "https://github.com/theforeman/foreman/commit/5f606e11cf39719bf62f8b1f3396861b32387905", "refsource": "CONFIRM", "url": "https://github.com/theforeman/foreman/commit/5f606e11cf39719bf62f8b1f3396861b32387905"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7078", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7078"}, {"name": "96385", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96385"}, {"name": "https://theforeman.org/security.html#2016-7078", "refsource": "CONFIRM", "url": "https://theforeman.org/security.html#2016-7078"}, {"name": "https://projects.theforeman.org/issues/16982", "refsource": "CONFIRM", "url": "https://projects.theforeman.org/issues/16982"}, {"name": "[oss-security] 20170222 CVE-2016-7078: Foreman organization/location authorization vulnerability", "refsource": "MLIST", "url": "https://seclists.org/oss-sec/2017/q1/470"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:50:47.463Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/theforeman/foreman/commit/5f606e11cf39719bf62f8b1f3396861b32387905"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7078"}, {"name": "96385", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/96385"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://theforeman.org/security.html#2016-7078"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://projects.theforeman.org/issues/16982"}, {"name": "[oss-security] 20170222 CVE-2016-7078: Foreman organization/location authorization vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://seclists.org/oss-sec/2017/q1/470"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-7078", "datePublished": "2018-09-10T15:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:47.463Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:theforeman:foreman:1.15.0:*:*:*:*:*:*:*", "matchCriteriaId": "EDB73CC6-0667-480C-920D-98BCBA910C36", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "foreman before version 1.15.0 is vulnerable to an information leak through organizations and locations feature. When a user is assigned _no_ organizations/locations, they are able to view all resources instead of none (mirroring an administrator's view). The user's actions are still limited by their assigned permissions, e.g. to control viewing, editing and deletion."}, {"lang": "es", "value": "Foreman en versiones anteriores a la 1.15.0 es vulnerable a una fuga de informaci\u00f3n mediante la funcionalidad de organizaciones y ubicaciones. Cuando se le asigna a un usuario _no_ organizaciones/ubicaciones, pueden ver todos los recursos en lugar de ninguno (copiando la vista de administrador). Las acciones del usuario siguen estando limitadas por sus permisos asignados, esto es, para controlar la vista, la edici\u00f3n y la eliminaci\u00f3n"}], "id": "CVE-2016-7078", "lastModified": "2023-11-07T02:34:14.973", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2018-09-10T15:29:04.280", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/96385"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7078"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://github.com/theforeman/foreman/commit/5f606e11cf39719bf62f8b1f3396861b32387905"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://projects.theforeman.org/issues/16982"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/oss-sec/2017/q1/470"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://theforeman.org/security.html#2016-7078"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-285"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank the Foreman project for reporting this issue. Upstream acknowledges Daniel Lobato Garcia as the original reporter.", "affected_release": [{"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "candlepin-0:2.1.14-1.el7", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "foreman-0:1.15.6.34-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "foreman-bootloaders-redhat-0:201801241201-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "foreman-discovery-image-0:3.4.4-1", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "foreman-installer-1:1.15.6.8-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "foreman-proxy-0:1.15.6.4-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "foreman-selinux-0:1.15.6.2-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "hiera-0:1.3.1-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "katello-0:3.4.5-15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "katello-certs-tools-0:2.4.0-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "katello-client-bootstrap-0:1.5.1-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "katello-installer-base-0:3.4.5.26-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "katello-selinux-0:3.0.2-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "kobo-0:0.5.1-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "pulp-0:2.13.4.6-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "pulp-docker-0:2.4.1-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "pulp-katello-0:1.0.2-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "pulp-ostree-0:1.2.1.1-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "pulp-puppet-0:2.13.4-3.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "pulp-rpm-0:2.13.4.8-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "puppet-foreman_scap_client-0:0.3.16-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "python-zope-interface-0:4.0.5-4.el7", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "redhat-access-insights-puppet-0:0.0.9-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "rubygem-foreman_scap_client-0:0.3.0-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "rubygem-kafo-0:2.0.2-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "rubygem-kafo_parsers-0:0.1.6-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "rubygem-kafo_wizards-0:0.0.1-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "rubygem-smart_proxy_dhcp_remote_isc-0:0.0.2.1-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "rubygem-smart_proxy_discovery-0:1.0.4-3.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "rubygem-smart_proxy_discovery_image-0:1.0.9-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "rubygem-smart_proxy_dynflow-0:0.1.10-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "rubygem-smart_proxy_openscap-0:0.6.9-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "rubygem-smart_proxy_pulp-0:1.3.0-1.git.0.b5c2768.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "rubygem-smart_proxy_remote_execution_ssh-0:0.1.6-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "rubygem-tilt-0:1.3.7-2.git.0.3b416c9.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "satellite-0:6.3.0-23.0.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "satellite-installer-0:6.3.0.12-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-bastion-0:5.1.1.4-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-foreman_bootdisk-0:10.0.2.2-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-foreman_discovery-0:9.1.5.3-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-foreman_docker-0:3.1.0.3-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-foreman_hooks-0:0.3.14-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-foreman_openscap-0:0.7.11-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-foreman-redhat_access-0:2.0.13-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-foreman_remote_execution-0:1.3.7.2-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-foreman_remote_execution_core-0:1.0.6-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-foreman-tasks-0:0.9.6.4-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-foreman-tasks-core-0:0.1.8-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-foreman_templates-0:5.0.1-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-foreman_theme_satellite-0:1.0.4.16-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-foreman_virt_who_configure-0:0.1.9-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-hammer_cli-0:0.11.0.1-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-hammer_cli_csv-0:2.3.0-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman-0:0.11.0.5-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_admin-0:0.0.8-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_bootdisk-0:0.1.3.3-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_discovery-0:1.0.0-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_docker-0:0.0.6-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_openscap-0:0.1.5-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_remote_execution-0:0.0.6-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_tasks-0:0.0.12-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_virt_who_configure-0:0.0.3-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-hammer_cli_katello-0:0.11.3.5-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-katello-0:3.4.5.58-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-ovirt_provision_plugin-0:1.0.2-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite:6.3::el7", "package": "tfm-rubygem-smart_proxy_dynflow_core-0:0.1.10-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "candlepin-0:2.1.14-1.el7", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "foreman-0:1.15.6.34-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "foreman-bootloaders-redhat-0:201801241201-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "foreman-discovery-image-0:3.4.4-1", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "foreman-installer-1:1.15.6.8-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "foreman-proxy-0:1.15.6.4-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "foreman-selinux-0:1.15.6.2-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "hiera-0:1.3.1-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "katello-0:3.4.5-15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "katello-certs-tools-0:2.4.0-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "katello-client-bootstrap-0:1.5.1-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "katello-installer-base-0:3.4.5.26-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "katello-selinux-0:3.0.2-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "kobo-0:0.5.1-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "pulp-0:2.13.4.6-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "pulp-docker-0:2.4.1-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "pulp-katello-0:1.0.2-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "pulp-ostree-0:1.2.1.1-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "pulp-puppet-0:2.13.4-3.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "pulp-rpm-0:2.13.4.8-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "puppet-foreman_scap_client-0:0.3.16-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "python-zope-interface-0:4.0.5-4.el7", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "redhat-access-insights-puppet-0:0.0.9-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "rubygem-foreman_scap_client-0:0.3.0-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "rubygem-kafo-0:2.0.2-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "rubygem-kafo_parsers-0:0.1.6-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "rubygem-kafo_wizards-0:0.0.1-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "rubygem-smart_proxy_dhcp_remote_isc-0:0.0.2.1-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "rubygem-smart_proxy_discovery-0:1.0.4-3.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "rubygem-smart_proxy_discovery_image-0:1.0.9-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "rubygem-smart_proxy_dynflow-0:0.1.10-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "rubygem-smart_proxy_openscap-0:0.6.9-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "rubygem-smart_proxy_pulp-0:1.3.0-1.git.0.b5c2768.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "rubygem-smart_proxy_remote_execution_ssh-0:0.1.6-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "rubygem-tilt-0:1.3.7-2.git.0.3b416c9.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "satellite-0:6.3.0-23.0.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "satellite-installer-0:6.3.0.12-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-bastion-0:5.1.1.4-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-foreman_bootdisk-0:10.0.2.2-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-foreman_discovery-0:9.1.5.3-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-foreman_docker-0:3.1.0.3-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-foreman_hooks-0:0.3.14-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-foreman_openscap-0:0.7.11-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-foreman-redhat_access-0:2.0.13-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-foreman_remote_execution-0:1.3.7.2-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-foreman_remote_execution_core-0:1.0.6-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-foreman-tasks-0:0.9.6.4-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-foreman-tasks-core-0:0.1.8-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-foreman_templates-0:5.0.1-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-foreman_theme_satellite-0:1.0.4.16-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-foreman_virt_who_configure-0:0.1.9-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-hammer_cli-0:0.11.0.1-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-hammer_cli_csv-0:2.3.0-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman-0:0.11.0.5-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_admin-0:0.0.8-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_bootdisk-0:0.1.3.3-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_discovery-0:1.0.0-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_docker-0:0.0.6-2.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_openscap-0:0.1.5-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_remote_execution-0:0.0.6-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_tasks-0:0.0.12-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-hammer_cli_foreman_virt_who_configure-0:0.0.3-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-hammer_cli_katello-0:0.11.3.5-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-katello-0:3.4.5.58-1.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-ovirt_provision_plugin-0:1.0.2-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}, {"advisory": "RHSA-2018:0336", "cpe": "cpe:/a:redhat:satellite_capsule:6.3::el7", "package": "tfm-rubygem-smart_proxy_dynflow_core-0:0.1.10-1.fm1_15.el7sat", "product_name": "Red Hat Satellite 6.3 for RHEL 7", "release_date": "2018-02-21T00:00:00Z"}], "bugzilla": {"description": "foreman: Information leak through organizations and locations feature", "id": "1386244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1386244"}, "csaw": false, "cvss": {"cvss_base_score": "3.5", "cvss_scoring_vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "status": "verified"}, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "status": "verified"}, "cwe": "CWE-285", "details": ["foreman before version 1.15.0 is vulnerable to an information leak through organizations and locations feature. When a user is assigned _no_ organizations/locations, they are able to view all resources instead of none (mirroring an administrator's view). The user's actions are still limited by their assigned permissions, e.g. to control viewing, editing and deletion."], "name": "CVE-2016-7078", "package_state": [{"cpe": "cpe:/a:redhat:openstack-installer:5", "fix_state": "Will not fix", "package_name": "foreman", "product_name": "OpenStack Foreman"}, {"cpe": "cpe:/a:redhat:ceph_storage:1.3", "fix_state": "Will not fix", "package_name": "foreman", "product_name": "Red Hat Ceph Storage 1.3"}, {"cpe": "cpe:/a:redhat:openstack-installer:6", "fix_state": "Will not fix", "package_name": "foreman", "product_name": "Red Hat Enterprise Linux OpenStack Platform 6 (Juno) Installer"}], "public_date": "2016-10-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-7078\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-7078"], "threat_severity": "Low", "upstream_fix": "foreman 1.15.0"}