CVE-2014-0135
08.05.2014, 14:29
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for default_values.yaml, which allows local users to obtain passwords and other sensitive information by reading the file.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| theforeman | kafo | 𝑥 ≤ 0.3.16 |
| theforeman | kafo | 0.0.1 |
| theforeman | kafo | 0.0.2 |
| theforeman | kafo | 0.0.3 |
| theforeman | kafo | 0.0.4 |
| theforeman | kafo | 0.0.5 |
| theforeman | kafo | 0.0.6 |
| theforeman | kafo | 0.0.7 |
| theforeman | kafo | 0.0.8 |
| theforeman | kafo | 0.0.9 |
| theforeman | kafo | 0.0.10 |
| theforeman | kafo | 0.0.11 |
| theforeman | kafo | 0.0.12 |
| theforeman | kafo | 0.0.13 |
| theforeman | kafo | 0.0.14 |
| theforeman | kafo | 0.0.15 |
| theforeman | kafo | 0.0.16 |
| theforeman | kafo | 0.0.17 |
| theforeman | kafo | 0.1.0 |
| theforeman | kafo | 0.2.0 |
| theforeman | kafo | 0.2.1 |
| theforeman | kafo | 0.2.2 |
| theforeman | kafo | 0.3.0 |
| theforeman | kafo | 0.3.1 |
| theforeman | kafo | 0.3.2 |
| theforeman | kafo | 0.3.3 |
| theforeman | kafo | 0.3.4 |
| theforeman | kafo | 0.3.5 |
| theforeman | kafo | 0.3.6 |
| theforeman | kafo | 0.3.7 |
| theforeman | kafo | 0.3.8 |
| theforeman | kafo | 0.3.9 |
| theforeman | kafo | 0.3.10 |
| theforeman | kafo | 0.3.11 |
| theforeman | kafo | 0.3.12 |
| theforeman | kafo | 0.3.13 |
| theforeman | kafo | 0.3.14 |
| theforeman | kafo | 0.3.15 |
| theforeman | kafo | 0.4.0 |
| theforeman | kafo | 0.5.0 |
| theforeman | kafo | 0.5.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration