Redhat » Network Proxy : Security Vulnerabilities, CVEs, Published In 2014
Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords in an error message when a system registration XML-RPC call fails, which allows remote administrators to obtain the password by reading (1) the server log and (2) an email.
Max CVSS
4.3
EPSS Score
0.14%
Published
2014-02-05
Updated
2022-02-03
The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 through 4.2.0 and 5.1.0 through 5.3.0, and Proxy 5.3.0, allows remote authenticated users with permissions to administer monitoring probes to execute arbitrary code via unspecified vectors, related to backticks.
Max CVSS
6.0
EPSS Score
1.68%
Published
2014-04-15
Updated
2022-02-03
2 vulnerabilities found