Vulnerability DatabaseCVE-2015-1844
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2015-1844
Published:August 14, 2015
Updated:May 16, 2026
Foreman before 1.7.5 allows remote authenticated users to bypass organization and location restrictions by connecting through the REST API.
Related Resources (6)
https://groups.google.com/forum/#%21topic/foreman-users/qAGZh5n6n6M
https://access.redhat.com/errata/RHSA-2015:1592
https://groups.google.com/forum/#%21topic/foreman-announce/37KYWhIk4FY
https://github.com/theforeman/foreman/pull/2273
http://projects.theforeman.org/issues/9947
https://access.redhat.com/errata/RHSA-2015:1591
Do you need more information?
Contact Us
CVSS v3
Base Score:
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE
CVSS v2
Base Score:
4
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
EPSS
Base Score:
0.26