CVE-2016-4995

{"id": "CVE-2016-4995", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.6}]}, "published": "2016-08-19T21:59:10.430", "references": [{"url": "http://projects.theforeman.org/issues/15490", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://projects.theforeman.org/projects/foreman/repository/revisions/c3c186de12be15e55d9582e54659f765304a1073", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2018:0336", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://theforeman.org/security.html#2016-4995", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://projects.theforeman.org/issues/15490", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://projects.theforeman.org/projects/foreman/repository/revisions/c3c186de12be15e55d9582e54659f765304a1073", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2018:0336", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://theforeman.org/security.html#2016-4995", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Foreman before 1.11.4 and 1.12.x before 1.12.1 does not properly restrict access to preview provisioning templates, which allows remote authenticated users with permission to view some hosts to obtain sensitive host configuration information via a URL with a hostname."}, {"lang": "es", "value": "Foreman en versiones anteriores a 1.11.4 y 1.12.x en versiones anteriores a 1.12.1 no restringe correctamente el acceso para previsualizar las plantillas de provisionamiento, lo que permite a usuarios remotos autenticados con permisos para ver algunos anfitriones obtener informaci\u00f3n de configuraci\u00f3n de anfitri\u00f3n sensible a trav\u00e9s de una URL con un nombre de anfitri\u00f3n."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2E79D62-B04D-4328-8905-FC0501476A7C", "versionEndExcluding": "1.11.4", "versionStartIncluding": "1.11.0"}, {"criteria": "cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5B32915-2453-4928-8EDC-FA35B382BA47", "versionEndExcluding": "1.12.1", "versionStartIncluding": "1.12.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}