foreman-proxy: restriction bypass
| Package(s): | foreman-proxy | CVE #(s): | CVE-2014-3691 | ||||||||
| Created: | March 4, 2015 | Updated: | March 4, 2015 | ||||||||
| Description: | From the Red Hat advisory:
It was discovered that foreman-proxy, when running in SSL-secured mode, did not correctly verify SSL client certificates. This could permit any client with access to the API to make requests and perform actions otherwise restricted. | ||||||||||
| Alerts: |
| ||||||||||