[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2013-2113":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":54,"duplicate_of":9,"upstream":55,"downstream":56,"duplicates":59,"related":60,"reserved_at":9,"published_at":61,"modified_at":62,"state":63,"summary":64,"references_raw":72,"kevs":93,"epss":94,"epss_history":97,"metrics":320,"affected":325},"CVE-2013-2113","The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create or edit other users to gain privileges by (1) changing the admin flag or (2) assigning an arbitrary role.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"CWE-264","Permissions, Privileges, and Access Controls","Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.","category","Obsolete",[],[19,34],{"_key":20,"name":21,"source":22,"url":23,"maturity":24,"reliability_score":25,"verified":26,"type":9,"platforms":27,"requires_auth":9,"exploitdb":29,"metasploit":9},"27776","Foreman (RedHat OpenStack/Satellite) - users/create Mass Assignment (Metasploit)","exploit-database","https://www.exploit-db.com/exploits/27776","poc",0.8,true,[28],"linux",{"verified":26,"type":30,"platform":28,"file":31,"codes":32},"webapps","exploits/linux/webapps/27776.rb",[7,33],"OSVDB-94655",{"_key":35,"name":36,"source":37,"url":38,"maturity":24,"reliability_score":39,"verified":40,"type":41,"platforms":42,"requires_auth":26,"exploitdb":9,"metasploit":43},"MSF_AUXILIARY_ADMIN_HTTP_FOREMAN_OPENSTACK_SATELLITE_PRIV_ESC","Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment","metasploit","https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/foreman_openstack_satellite_priv_esc.rb",0.5,false,"remote",[],{"fullname":44,"rank":45,"rank_name":46,"post_auth":26,"check":40,"notes":47},"auxiliary/admin/http/foreman_openstack_satellite_priv_esc",300,"normal",{"Stability":48,"SideEffects":50,"Reliability":53},[49],"crash-safe",[51,52],"ioc-in-logs","config-changes",[],[],[],[57],{"_key":58},"RHSA-2013:0995",[],[],"2013-07-31T10:00:00.000Z","2024-08-06T15:27:40.949Z","Modified",{"cisa_kev":40,"cisa_ransomware":40,"cisa_vendor":9,"epss_severity":65,"epss_score":66,"severity":67,"severity_score":68,"severity_version":69,"severity_source":70,"severity_vector":71,"severity_status":63},"high",0.47448,"medium",6,"v2.0","nvd","AV:N/AC:M/Au:S/C:P/I:P/A:P",[73,80,85,89],{"url":74,"sources":75,"tags":77},"http://rhn.redhat.com/errata/RHSA-2013-0995.html",[76,70],"cve.org",[78,79],"Vendor Advisory","X Refsource REDHAT",{"url":81,"sources":82,"tags":83},"https://bugzilla.redhat.com/show_bug.cgi?id=968166",[76,70],[84],"X Refsource CONFIRM",{"url":86,"sources":87,"tags":88},"http://projects.theforeman.org/issues/2630",[76,70],[84],{"url":90,"sources":91,"tags":92},"https://groups.google.com/forum/#%21topic/foreman-users/6WpO_3ugiXU",[76,70],[84],[],{"date":95,"score":66,"percentile":96},"2026-06-04",0.97755,[98,101,104,107,109,111,113,115,117,120,123,125,127,129,131,134,136,139,141,143,145,147,150,152,155,158,160,162,165,168,170,172,175,177,179,181,183,186,188,191,194,196,199,202,205,208,211,213,215,217,219,221,224,227,230,233,236,238,241,244,246,248,251,253,256,258,261,264,267,270,272,274,277,280,283,286,288,290,292,294,297,300,302,305,307,309,311,313,315,317],{"date":99,"score":66,"percentile":100},"2025-11-04",0.97552,{"date":102,"score":66,"percentile":103},"2025-11-05",0.97553,{"date":105,"score":66,"percentile":106},"2025-11-06",0.97551,{"date":108,"score":66,"percentile":103},"2025-11-07",{"date":110,"score":66,"percentile":100},"2025-11-08",{"date":112,"score":66,"percentile":103},"2025-11-09",{"date":114,"score":66,"percentile":103},"2025-11-10",{"date":116,"score":66,"percentile":103},"2025-11-11",{"date":118,"score":66,"percentile":119},"2025-11-12",0.97556,{"date":121,"score":66,"percentile":122},"2025-11-13",0.97555,{"date":124,"score":66,"percentile":119},"2025-11-14",{"date":126,"score":66,"percentile":122},"2025-11-15",{"date":128,"score":66,"percentile":122},"2025-11-16",{"date":130,"score":66,"percentile":122},"2025-11-17",{"date":132,"score":66,"percentile":133},"2025-11-18",0.97557,{"date":135,"score":66,"percentile":133},"2025-11-19",{"date":137,"score":66,"percentile":138},"2025-11-20",0.97564,{"date":140,"score":66,"percentile":122},"2025-11-21",{"date":142,"score":66,"percentile":122},"2025-11-22",{"date":144,"score":66,"percentile":122},"2025-11-23",{"date":146,"score":66,"percentile":133},"2025-11-24",{"date":148,"score":66,"percentile":149},"2025-11-25",0.97559,{"date":151,"score":66,"percentile":149},"2025-11-26",{"date":153,"score":66,"percentile":154},"2025-11-27",0.97561,{"date":156,"score":66,"percentile":157},"2025-11-28",0.9756,{"date":159,"score":66,"percentile":133},"2025-11-29",{"date":161,"score":66,"percentile":119},"2025-11-30",{"date":163,"score":66,"percentile":164},"2025-12-01",0.97575,{"date":166,"score":66,"percentile":167},"2025-12-02",0.97574,{"date":169,"score":66,"percentile":164},"2025-12-03",{"date":171,"score":66,"percentile":122},"2025-12-04",{"date":173,"score":66,"percentile":174},"2025-12-05",0.97554,{"date":176,"score":66,"percentile":122},"2025-12-06",{"date":178,"score":66,"percentile":133},"2025-12-07",{"date":180,"score":66,"percentile":149},"2025-12-08",{"date":182,"score":66,"percentile":149},"2025-12-09",{"date":184,"score":66,"percentile":185},"2025-12-10",0.97563,{"date":187,"score":66,"percentile":138},"2025-12-11",{"date":189,"score":66,"percentile":190},"2025-12-12",0.97568,{"date":192,"score":66,"percentile":193},"2025-12-13",0.97571,{"date":195,"score":66,"percentile":190},"2025-12-14",{"date":197,"score":66,"percentile":198},"2025-12-15",0.9757,{"date":200,"score":66,"percentile":201},"2025-12-16",0.97572,{"date":203,"score":66,"percentile":204},"2025-12-17",0.97573,{"date":206,"score":66,"percentile":207},"2025-12-18",0.97576,{"date":209,"score":66,"percentile":210},"2025-12-19",0.97577,{"date":212,"score":66,"percentile":207},"2025-12-20",{"date":214,"score":66,"percentile":207},"2025-12-21",{"date":216,"score":66,"percentile":164},"2025-12-22",{"date":218,"score":66,"percentile":164},"2025-12-23",{"date":220,"score":66,"percentile":207},"2025-12-24",{"date":222,"score":66,"percentile":223},"2025-12-25",0.97578,{"date":225,"score":66,"percentile":226},"2025-12-26",0.97579,{"date":228,"score":66,"percentile":229},"2025-12-27",0.97603,{"date":231,"score":66,"percentile":232},"2025-12-28",0.9758,{"date":234,"score":66,"percentile":235},"2025-12-29",0.97581,{"date":237,"score":66,"percentile":232},"2025-12-30",{"date":239,"score":66,"percentile":240},"2025-12-31",0.97584,{"date":242,"score":66,"percentile":243},"2026-01-01",0.97602,{"date":245,"score":66,"percentile":229},"2026-01-02",{"date":247,"score":66,"percentile":229},"2026-01-03",{"date":249,"score":66,"percentile":250},"2026-01-04",0.97585,{"date":252,"score":66,"percentile":240},"2026-01-05",{"date":254,"score":66,"percentile":255},"2026-01-06",0.97586,{"date":257,"score":66,"percentile":255},"2026-01-07",{"date":259,"score":66,"percentile":260},"2026-01-08",0.97588,{"date":262,"score":66,"percentile":263},"2026-01-09",0.97591,{"date":265,"score":66,"percentile":266},"2026-01-10",0.97592,{"date":268,"score":66,"percentile":269},"2026-01-11",0.9759,{"date":271,"score":66,"percentile":263},"2026-01-12",{"date":273,"score":66,"percentile":266},"2026-01-13",{"date":275,"score":66,"percentile":276},"2026-01-14",0.97595,{"date":278,"score":66,"percentile":279},"2026-01-15",0.97596,{"date":281,"score":66,"percentile":282},"2026-01-16",0.97598,{"date":284,"score":66,"percentile":285},"2026-01-17",0.97601,{"date":287,"score":66,"percentile":276},"2026-01-18",{"date":289,"score":66,"percentile":279},"2026-01-19",{"date":291,"score":66,"percentile":279},"2026-01-20",{"date":293,"score":66,"percentile":279},"2026-01-21",{"date":295,"score":66,"percentile":296},"2026-01-22",0.97597,{"date":298,"score":66,"percentile":299},"2026-01-23",0.976,{"date":301,"score":66,"percentile":285},"2026-01-24",{"date":303,"score":66,"percentile":304},"2026-01-25",0.97599,{"date":306,"score":66,"percentile":299},"2026-01-26",{"date":308,"score":66,"percentile":243},"2026-01-27",{"date":310,"score":66,"percentile":229},"2026-01-28",{"date":312,"score":66,"percentile":243},"2026-01-29",{"date":314,"score":66,"percentile":243},"2026-01-30",{"date":316,"score":66,"percentile":285},"2026-01-31",{"date":318,"score":66,"percentile":319},"2026-02-01",0.97624,[321],{"source":70,"cvss_v2_0":322,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":68,"baseSeverity":9,"vectorString":71,"impactScore":323,"exploitabilityScore":324},6.4,6.8,[326,334],{"ecosystem":9,"name":327,"vendor":328,"product":327,"cpe_part":329,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":330},"openstack","redhat","a",[331],{"version":332,"is_range":40,"range_type":333,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.0","cpe",{"ecosystem":9,"name":335,"vendor":336,"product":335,"cpe_part":329,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":337},"foreman","theforeman",[338,342],{"version":339,"is_range":26,"range_type":333,"version_start":9,"version_start_type":9,"version_end":340,"version_end_type":341,"fixed_in":9},"lte1.2.0","1.2.0","including",{"version":343,"is_range":40,"range_type":333,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.1"]