Foreman Information Disclosure Vulnerability-02 CVE-2016-4995
- CVSSv3 Score
- Vulnerability description
Foreman is prone to an information disclosure vulnerability.
- Risk description
Users who are logged in with permissions to view some hosts are able to preview provisioning templates for any host by specifying its hostname in the URL, as the specific view_hosts permissions and filters arent checked.
Upgrade to 1.11.4, 1.12.1 or later.
- Not available