CVE-2013-4480 – Satellite: Interface to create the initial administrator user remains open after installation

https://notcve.org/view.php?id=CVE-2013-4480

12 Nov 2013 — Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts. Red Hat Satellite 5.6 y anteriores versiones no deshabilita la interfaz web que es usada para crear el primer usuario para un satellite, lo que permite a atacantes remotos crear cuentas de administrador. Red Hat Network Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, moni... • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00009.html • CWE-668: Exposure of Resource to Wrong Sphere CWE-862: Missing Authorization •