Published: 24/08/2022 Updated: 07/11/2023

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 0

The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an malicious user to use the SCA (simple content access) certificate for authentication with Candlepin.

Vulnerable Product	Search on Vulmon	Subscribe to Product
candlepinproject candlepin

Synopsis Low: Satellite 6103 Async Bug Fix Update Type/Severity Security Advisory: Low Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic Updated Satellite 610 packages that fix several bugs are now available for Red Hat Satellite Description Red Hat Satellite ...

Synopsis Moderate: Satellite 611 Release Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update is now available for Red Hat Satellite 611 Description Red Hat Satellite is a systems management tool for Linux-basedin ...

The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin ...

CWE-639 https://github.com/candlepin/candlepin/pull/3199 https://github.com/candlepin/candlepin/pull/3198 https://github.com/candlepin/candlepin/pull/3197 https://bugzilla.redhat.com/show_bug.cgi?id=2034346 https://access.redhat.com/security/cve/CVE-2021-4142 https://access.redhat.com/errata/RHSA-2022:0790 https://nvd.nist.gov

CVE-2021-4142

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect