CVE-2016-3728

EPSS 2.02%
Published 20.05.2016 14:59:04
Last modified 12.04.2025 10:46:40
Source secalert@redhat.com
Teams watchlist Login
Open Login

Eval injection vulnerability in tftp_api.rb in the TFTP module in the Smart-Proxy in Foreman before 1.10.4 and 1.11.x before 1.11.2 allows remote attackers to execute arbitrary code via the PXE template type portion of the PATH_INFO to tftp/.

Affected products Warnungen 0 Metrics 3 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Theforeman ≫ Foreman Version1.11.0

Theforeman ≫ Foreman Version1.11.0 Updaterc1

Theforeman ≫ Foreman Version1.11.0 Updaterc2

Theforeman ≫ Foreman Version1.11.0 Updaterc3

Theforeman ≫ Foreman Version1.11.1

Theforeman ≫ Foreman Version1.10.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.02%	0.83

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://projects.theforeman.org/issues/14931

http://theforeman.org/security.html#2016-3728

Vendor Advisory

http://www.openwall.com/lists/oss-security/2016/05/19/2

https://access.redhat.com/errata/RHBA-2016:1501

https://github.com/theforeman/smart-proxy/commit/eef532aa668d656b9d61d9c6edf7c2505f3f43c7

https://nvd.nist.gov/vuln/detail/CVE-2016-3728

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-3728

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-3728

EUVD