Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, obsolete XML-RPC API, which allows remote authenticated users to access arbitrary files and cause a denial of service (failed yum operations) via vectors related to configuration and package group (comps.xml) files for channels.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat satellite 5.4 |
||
redhat satellite 5.3 |