Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat satellite 6.0 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2014-3590
Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action. Therefore, an attacker can log out a user by having them view specially crafted content.
Redhat Satellite 6.0
409
VMScore
CVE-2021-20256
A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Redhat Satellite 6.0
187
VMScore
CVE-2020-14335
A flaw was found in Red Hat Satellite, which allows a privileged malicious user to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an malicious user to gain control of DHCP records from the network. The highest threat from this vulnerability is to system ...
Redhat Satellite 6.0
356
VMScore
CVE-2017-15136
When registering and activating a new system with Red Hat Satellite 6 if the new systems hostname is then reset to the hostname of a previously registered system the previously registered system will lose access to updates including security updates.
Redhat Satellite 6.0
409
VMScore
CVE-2020-14334
A flaw was found in Red Hat Satellite 6 which allows privileged malicious user to read cache files. These cache credentials could help malicious user to gain complete control of the Satellite instance.
Redhat Satellite 6.0
356
VMScore
CVE-2020-14371
A credential leak vulnerability was found in Red Hat Satellite. This flaw exposes the compute resources credentials through VMs that are running on these resources in Satellite.
Redhat Satellite 6.0
409
VMScore
CVE-2014-8168
Red Hat Satellite 6 allows local users to access mongod and delete pulp_database.
Redhat Satellite 6.0
NA
CVE-2022-3874
A command injection flaw was found in foreman. This flaw allows an authenticated user with admin privileges on the foreman instance to transpile commands through CoreOS and Fedora CoreOS configurations in templates, possibly resulting in arbitrary command execution on the underly...
Redhat Satellite 6.0
Theforeman Foreman -
312
VMScore
CVE-2018-16887
A cross-site scripting (XSS) flaw was found in the katello component of Satellite. An attacker with privilege to create/edit organizations and locations is able to execute a XSS attacks against other users through the Subscriptions or the Red Hat Repositories wizards. This can po...
Redhat Satellite 6.0
Theforeman Katello
NA
CVE-2023-4886
A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.
Theforeman Foreman
Redhat Satellite 6.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »