Skip to main content
CVE-2013-6439 CRITICAL Act Now

Candlepin in Red Hat Subscription Asset Manager 1.0 through 1.3 uses a weak authentication scheme when the configuration file does not specify a scheme, which has unspecified impact and attack. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat Authentication Bypass Subscription Asset Manager
NVD
CVSS 2.0
9.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy