Security Advisory

CVE-2013-2113

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-07-31 10:00:00

Last updated 2024-08-06 15:27:40

Assigner redhat

State PUBLISHED

Description

The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create or edit other users to gain privileges by (1) changing the admin flag or (2) assigning an arbitrary role.

← Browse all CVEs View on cve.org ↗