Candlepin in Red Hat Subscription Asset Manager 1.0 up to and including 1.3 uses a weak authentication scheme when the configuration file does not specify a scheme, which has unspecified impact and attack vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat subscription asset manager 1.1.0 |
||
redhat subscription asset manager 1.0.0 |
||
redhat subscription asset manager 1.2.0 |
||
redhat subscription asset manager 1.2.1 |
||
redhat subscription asset manager 1.3.0 |