CVE-2017-7540 in Foreman정보

요약

\~에 의해 MITRE

rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

예약하다

2017. 04. 05.

공개

2017. 07. 21.

모더레이션

수락

항목

VDB-104379

CPE

준비됨

CWE

CWE-264 (확인됨)

CVSS

9.8 (NVD)

EPSS

0.00289

KEV

아니요

활동

매우 낮음

부문

Energy, Telecommunication, ...

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-7540
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-7540
CVE Details	https://www.cvedetails.com/cve/CVE-2017-7540/

◂ 이전 개요 다음 ▸

Do you need the next level of professionalism?

Upgrade your account now!