Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. A malicious attacker can use this flaw to remotely execute arbitrary commands on machines managed by vulnerable Foreman instances, in a highly privileged context.
CVSS Information
N/A
Vulnerability Type
CWE-592
Vulnerability Title
Foreman smart_proxy_dynflow组件安全漏洞
Vulnerability Description
Foreman是一套用于物理和虚拟服务器中的生命周期管理工具。该工具提供服务开通、配置管理以及报告状态等功能。smart_proxy_dynflow是其中的一个代理组件。 Foreman中使用的smart_proxy_dynflow组件存在身份验证绕过漏洞。远程攻击者可利用该漏洞在受影响进程所管理的设备上执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A