cve/2023/CVE-2023-0118.md

### [CVE-2023-0118](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0118)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Satellite%206.11%20for%20RHEL%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Satellite%206.11%20for%20RHEL%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Satellite%206.12%20for%20RHEL%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Satellite%206.13%20for%20RHEL%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Satellite%206.14%20for%20RHEL%208&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20OS%20Command%20('OS%20Command%20Injection')&color=brighgreen)

### Description

An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`### [CVE-2023-0118](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0118)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Satellite%206.11%20for%20RHEL%207&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Satellite%206.11%20for%20RHEL%208&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Satellite%206.12%20for%20RHEL%208&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Satellite%206.13%20for%20RHEL%208&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Satellite%206.14%20for%20RHEL%208&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20OS%20Command%20('OS%20Command%20Injection')&color=brighgreen)`

			`### Description`

			`An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/fkie-cad/nvd-json-data-feeds`