Vulnerability Details : CVE-2018-1097
A flaw was found in foreman before 1.16.1. The issue allows users with limited permissions for powering oVirt/RHV hosts on and off to discover the username and password used to connect to the compute resource.
Vulnerability category: Information leak
Products affected by CVE-2018-1097
- cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-1097
- EPSS score: 0.40% (probability of exploitation activity in the next 30 days)
- Percentile: ~58% (the proportion of vulnerabilities scored at or below this score)
EPSS Score History
CVSS scores for CVE-2018-1097
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
4.0 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N | 8.0 | 2.9 | NIST | 
8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 | NIST | 
CWE ids for CVE-2018-1097
- The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Primary)
References for CVE-2018-1097
- https://github.com/theforeman/foreman/pull/5369
  Fixes #22546 - Return power action status for ovirt by orrabin · Pull Request #5369 · theforeman/foreman · GitHub (Issue Tracking; Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2018:2927
  RHSA-2018:2927 - Security Advisory - Red Hat Customer Portal (Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=1561723
  1561723 – (CVE-2018-1097) CVE-2018-1097 foreman: Ovirt admin password exposed by foreman API (Issue Tracking; Third Party Advisory)
- https://projects.theforeman.org/issues/22546
  Bug #22546: CVE-2018-1097: curl api to change power state on ovirt compute_resource exposes credentials - Foreman (Issue Tracking; Vendor Advisory)