Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat satellite vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-14371
A credential leak vulnerability was found in Red Hat Satellite. This flaw exposes the compute resources credentials through VMs that are running on these resources in Satellite.
Redhat Satellite 6.0
7.5
CVSSv3
CVE-2020-14380
An account takeover flaw was found in Red Hat Satellite 6.7.2 onward. A potential attacker with proper authentication to the relevant external authentication source (SSO or Open ID) can claim the privileges of already existing local users of Satellite.
Redhat Satellite 6.7.2
8.1
CVSSv3
CVE-2021-3414
A flaw was found in satellite. When giving granular permission related to the organization, other permissions allowing a user to view and manage other organizations are also granted. The highest threat from this vulnerability is to data confidentiality.
Redhat Satellite 6.7
5.3
CVSSv3
CVE-2021-20256
A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Redhat Satellite 6.0
6.1
CVSSv3
CVE-2016-2103
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote malicious users to inject arbitrary web script or HTML via (1) the list_1680466951_oldfilterval parameter to systems/PhysicalList.do or (2) unspecified vectors involving systems/VirtualSystems...
Redhat Satellite 5.7
NA
CVE-2012-1145
spacewalk-backend in Red Hat Network Satellite 5.4 on Red Hat Enterprise Linux 6 does not properly authorize or authenticate uploads to the NULL organization when mod_wsgi is used, which allows remote malicious users to cause a denial of service (/var partition disk consumption a...
Redhat Satellite 5.4
6.5
CVSSv3
CVE-2014-3590
Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action. Therefore, an attacker can log out a user by having them view specially crafted content.
Redhat Satellite 6.0
6.1
CVSSv3
CVE-2014-0141
Cross-site scripting (XSS) vulnerability in Red Hat Satellite 6.0.3.
Redhat Satellite 6.0.3
6.1
CVSSv3
CVE-2014-8168
Red Hat Satellite 6 allows local users to access mongod and delete pulp_database.
Redhat Satellite 6.0
NA
CVE-2011-4346
Cross-site scripting (XSS) vulnerability in the web interface in Red Hat Network (RHN) Satellite 5.4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field of the asset tag in a Custom Info page.
Redhat Satellite 5.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »