Redhat » Network Satellite : Security Vulnerabilities, CVEs, CVSS score >= 6

CVE-2014-8162

XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors.
Max CVSS
7.5
EPSS Score
0.72%
Published
2015-05-14
Updated
2023-02-13

CVE-2013-4480

Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.
Max CVSS
7.5
EPSS Score
0.71%
Published
2013-11-18
Updated
2023-02-13

CVE-2013-2143

Public exploit
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account.
Max CVSS
6.5
EPSS Score
74.85%
Published
2014-04-17
Updated
2021-07-16
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close