Security Advisory

CVE-2014-3691

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-03-09 14:00:00

Last updated 2024-08-06 10:50:17

Assigner redhat

State PUBLISHED

Description

Smart Proxy (aka Smart-Proxy and foreman-proxy) in Foreman before 1.5.4 and 1.6.x before 1.6.2 does not validate SSL certificates, which allows remote attackers to bypass intended authentication and execute arbitrary API requests via a request without a certificate.

← Browse all CVEs View on cve.org ↗