| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-0173 | 5.0 |
Foreman before 1.1 uses a salt of "foreman" to hash root passwords, which makes it easier for attackers to guess the password via a brute force attack.
|
08-05-2014 - 14:59 | 08-05-2014 - 14:29 | |
| CVE-2013-0174 | 5.0 |
The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.
|
08-05-2014 - 14:58 | 08-05-2014 - 14:29 | |
| CVE-2013-0171 | 7.5 |
Foreman before 1.1 allows remote attackers to execute arbitrary code via a crafted YAML object to the (1) fact or (2) report import API.
|
08-05-2014 - 14:52 | 08-05-2014 - 14:29 |