CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20256 – Satellite: BMC controller credential leak via API
https://notcve.org/view.php?id=CVE-2021-20256
23 Feb 2021 — A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en Red Hat Satellite. La interfaz BMC expone la contraseña mediante la API a un atacante local autenticado con permiso view_hosts. • https://bugzilla.redhat.com/show_bug.cgi?id=1930926 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14380 – Satellite: Local user impersonation by Single sign-on (SSO) user leads to account takeover
https://notcve.org/view.php?id=CVE-2020-14380
27 Oct 2020 — An account takeover flaw was found in Red Hat Satellite 6.7.2 onward. A potential attacker with proper authentication to the relevant external authentication source (SSO or Open ID) can claim the privileges of already existing local users of Satellite. Se ha encontrado un fallo de toma de posesión de cuentas en Red Hat Satellite versiones 6.7.2 en adelante. Un potencial atacante con la autenticación apropiada a la fuente de autenticación externa relevante (SSO u Open ID) puede reclamar los privilegios de lo... • https://bugzilla.redhat.com/show_bug.cgi?id=1873926 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14334 – foreman: unauthorized cache read on RPM-based installations through local user
https://notcve.org/view.php?id=CVE-2020-14334
31 Jul 2020 — A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could help attacker to gain complete control of the Satellite instance. Se encontró un fallo en Red Hat Satellite versión 6, lo que permite a un atacante privilegiado leer los archivos de la caché. Estas credenciales de la caché podrían ayudar al atacante a conseguir el control completo de la instancia de Satellite A flaw was found in Red Hat Satellite. An attacker could gain access to cache... • https://bugzilla.redhat.com/show_bug.cgi?id=1858284 • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.3EPSS: 0%CPEs: 13EXPL: 0CVE-2020-10693 – hibernate-validator: Improper input validation in the interpolation of constraint error messages
https://notcve.org/view.php?id=CVE-2020-10693
06 May 2020 — A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages. Se encontró un fallo en Hibernate Validator versión 6.1.2.Final. Un error en el procesador de interpolación de mensajes permite evaluar expresiones EL no válid... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3590 – rhn_satellite_6: cross-site request forgery (CSRF) can force logout
https://notcve.org/view.php?id=CVE-2014-3590
02 Jan 2020 — Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action. Therefore, an attacker can log out a user by having them view specially crafted content. Se descubrió que la implementación de la clase GTNSubjectCreatingInterceptor en gatein-wsrp no era segura para subprocesos o hilos. Para un endpoint WSRP específico, en escenarios de alta concurrencia o escenarios en los que los mensajes SOAP tardan en ser ejecutados, era posible que un atacante remoto n... • https://access.redhat.com/security/cve/cve-2014-3590 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-0241
https://notcve.org/view.php?id=CVE-2014-0241
13 Dec 2019 — rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable rubygem-hammer_cli_foreman: El archivo /etc/hammer/cli.modules.d/foreman.yml es de tipo world readable. • https://access.redhat.com/security/cve/cve-2014-0241 • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 2CVE-2013-2101
https://notcve.org/view.php?id=CVE-2013-2101
03 Dec 2019 — Katello has multiple XSS issues in various entities Katello presenta múltiples problemas de tipo XSS en varias entidades. • https://access.redhat.com/security/cve/cve-2013-2101 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-5562
https://notcve.org/view.php?id=CVE-2012-5562
02 Dec 2019 — rhn-proxy: may transmit credentials over clear-text when accessing RHN Satellite rhn-proxy: puede transmitir credenciales sobre texto sin cifrar cuando se accesa a RHN Satellite. • https://access.redhat.com/security/cve/cve-2012-5562 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 6.5EPSS: 2%CPEs: 11EXPL: 1CVE-2013-6461
https://notcve.org/view.php?id=CVE-2013-6461
05 Nov 2019 — Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits La gema Nokogiri versiones 1.5.x y 1.6.x, tienebn una DoS durante el análisis de entidades XML al fallar para aplicar límites. • http://www.openwall.com/lists/oss-security/2013/12/27/2 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 6.5EPSS: 2%CPEs: 11EXPL: 1CVE-2013-6460
https://notcve.org/view.php?id=CVE-2013-6460
05 Nov 2019 — Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents La gema Nokogiri versiones 1.5.x, tiene una Denegación de Servicio por medio de un bucle infinito cuando se analizan documentos XML. • http://www.openwall.com/lists/oss-security/2013/12/27/2 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •