Vulnerabilities > Theforeman > Foreman > 1.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-07-17 | CVE-2015-5152 | Information Exposure vulnerability in Theforeman Foreman Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a man-in-the-middle attack. | 8.1 |