fkie_nvd - fkie_cve-2024-8553

FKIE_CVE-2024-8553

Vulnerability from fkie_nvd - Published: 2024-10-31 15:15 - Updated: 2024-11-06 09:15

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Summary

A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman's database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information.

References

	URL	Tags
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:8717
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:8718
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:8719
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:8906
	secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2024-8553
	secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=2312524

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability was found in Foreman\u0027s loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman\u0027s database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una vulnerabilidad en las macros de carga de Foreman introducidas con las plantillas de informes. Estas macros pueden permitir que un usuario autenticado con permisos para ver y crear plantillas lea cualquier campo de la base de datos de Foreman. Al usar cadenas espec\u00edficas en las macros de carga, los usuarios pueden omitir los permisos y acceder a informaci\u00f3n confidencial."
    }
  ],
  "id": "CVE-2024-8553",
  "lastModified": "2024-11-06T09:15:04.370",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.4,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-31T15:15:17.243",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:8717"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:8718"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:8719"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:8906"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2024-8553"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312524"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}

CVE-2024-8553 (GCVE-0-2024-8553)

Vulnerability from cvelistv5 – Published: 2024-10-31 15:01 – Updated: 2025-11-11 16:10

Title

Foreman: read-only access to entire db from templates

Summary

Severity ?

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:8717	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:8718	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:8719	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:8906	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-8553	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2312524	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Red Hat	Red Hat Satellite 6.13 for RHEL 8	Unaffected: 0:3.5.1.25-1.el8sat , < * (rpm) cpe:/a:redhat:satellite_capsule:6.13::el8 cpe:/a:redhat:satellite_maintenance:6.13::el8 cpe:/a:redhat:satellite:6.13::el8 cpe:/a:redhat:satellite_utils:6.13::el8
Red Hat	Red Hat Satellite 6.14 for RHEL 8	Unaffected: 0:3.7.0.14-1.el8sat , < * (rpm) cpe:/a:redhat:satellite:6.14::el8 cpe:/a:redhat:satellite_utils:6.14::el8 cpe:/a:redhat:satellite_capsule:6.14::el8
Red Hat	Red Hat Satellite 6.15 for RHEL 8	Unaffected: 0:3.9.1.11-1.el8sat , < * (rpm) cpe:/a:redhat:satellite:6.15::el8 cpe:/a:redhat:satellite_capsule:6.15::el8 cpe:/a:redhat:satellite_utils:6.15::el8
Red Hat	Red Hat Satellite 6.16 for RHEL 8	Unaffected: 0:3.12.0.1-1.el8sat , < * (rpm) cpe:/a:redhat:satellite_capsule:6.16::el8 cpe:/a:redhat:satellite:6.16::el9 cpe:/a:redhat:satellite_maintenance:6.16::el8 cpe:/a:redhat:satellite:6.16::el8 cpe:/a:redhat:satellite_capsule:6.16::el9 cpe:/a:redhat:satellite_utils:6.16::el9 cpe:/a:redhat:satellite_utils:6.16::el8 cpe:/a:redhat:satellite_maintenance:6.16::el9
Red Hat	Red Hat Satellite 6.16 for RHEL 9	Unaffected: 0:3.12.0.1-1.el9sat , < * (rpm) cpe:/a:redhat:satellite_capsule:6.16::el8 cpe:/a:redhat:satellite:6.16::el9 cpe:/a:redhat:satellite_maintenance:6.16::el8 cpe:/a:redhat:satellite:6.16::el8 cpe:/a:redhat:satellite_capsule:6.16::el9 cpe:/a:redhat:satellite_utils:6.16::el9 cpe:/a:redhat:satellite_utils:6.16::el8 cpe:/a:redhat:satellite_maintenance:6.16::el9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8553",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-31T15:52:21.343746Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T15:52:36.245Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/theforeman/foreman",
          "defaultStatus": "affected",
          "packageName": "foreman"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_capsule:6.13::el8",
            "cpe:/a:redhat:satellite_maintenance:6.13::el8",
            "cpe:/a:redhat:satellite:6.13::el8",
            "cpe:/a:redhat:satellite_utils:6.13::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "foreman",
          "product": "Red Hat Satellite 6.13 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.5.1.25-1.el8sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.14::el8",
            "cpe:/a:redhat:satellite_utils:6.14::el8",
            "cpe:/a:redhat:satellite_capsule:6.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "foreman",
          "product": "Red Hat Satellite 6.14 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.7.0.14-1.el8sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6.15::el8",
            "cpe:/a:redhat:satellite_capsule:6.15::el8",
            "cpe:/a:redhat:satellite_utils:6.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "foreman",
          "product": "Red Hat Satellite 6.15 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.9.1.11-1.el8sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_capsule:6.16::el8",
            "cpe:/a:redhat:satellite:6.16::el9",
            "cpe:/a:redhat:satellite_maintenance:6.16::el8",
            "cpe:/a:redhat:satellite:6.16::el8",
            "cpe:/a:redhat:satellite_capsule:6.16::el9",
            "cpe:/a:redhat:satellite_utils:6.16::el9",
            "cpe:/a:redhat:satellite_utils:6.16::el8",
            "cpe:/a:redhat:satellite_maintenance:6.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "foreman",
          "product": "Red Hat Satellite 6.16 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.12.0.1-1.el8sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite_capsule:6.16::el8",
            "cpe:/a:redhat:satellite:6.16::el9",
            "cpe:/a:redhat:satellite_maintenance:6.16::el8",
            "cpe:/a:redhat:satellite:6.16::el8",
            "cpe:/a:redhat:satellite_capsule:6.16::el9",
            "cpe:/a:redhat:satellite_utils:6.16::el9",
            "cpe:/a:redhat:satellite_utils:6.16::el8",
            "cpe:/a:redhat:satellite_maintenance:6.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "foreman",
          "product": "Red Hat Satellite 6.16 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.12.0.1-1.el9sat",
              "versionType": "rpm"
            }
          ]
        }
      ],
      "datePublic": "2024-10-31T14:29:39.030Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Foreman\u0027s loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman\u0027s database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-11T16:10:06.757Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:8717",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8717"
        },
        {
          "name": "RHSA-2024:8718",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8718"
        },
        {
          "name": "RHSA-2024:8719",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8719"
        },
        {
          "name": "RHSA-2024:8906",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8906"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-8553"
        },
        {
          "name": "RHBZ#2312524",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312524"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-16T07:20:13.067000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-10-31T14:29:39.030000+00:00",
          "value": "Made public."
        }
      ],
      "title": "Foreman: read-only access to entire db from templates",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-8553",
    "datePublished": "2024-10-31T15:01:16.401Z",
    "dateReserved": "2024-09-06T20:25:15.408Z",
    "dateUpdated": "2025-11-11T16:10:06.757Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2024-8553

CVE-2024-8553 (GCVE-0-2024-8553)

Tags

Sightings

Nomenclature