CSRF Vulnerability in Foreman Products by Red Hat
CVE-2014-3590

6.5MEDIUM

Key Information:

Vendor: Red Hat Satellite 6
Status: Red Hat Satellite 6
Vendor: CVE Published:; 2 January 2020

🔔 Create Red Hat Satellite 6 Vulnerability Alert

What is CVE-2014-3590?

The Foreman web application, as included with Red Hat Satellite 6, lacks proper validation for CSRF tokens during logout processes. This oversight allows attackers to force users to log out without their consent by tricking them into opening malicious links. As a result, session management is compromised, which could lead to unauthorized access and user impact if exploited in conjunction with other vulnerabilities.