Skip to main content

Network Satellite

4 CVEs product

Monthly

CVE-2014-8162 HIGH This Week

XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat XXE Network Satellite Manager
NVD
CVSS 2.0
7.5
EPSS
0.6%
CVE-2014-7811 LOW Monitor

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Red Hat Network Satellite Spacewalk Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-2143 MEDIUM POC THREAT This Month

The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 61.5%.

Red Hat Information Disclosure Network Satellite Katello
NVD Exploit-DB VulDB
CVSS 2.0
6.5
EPSS
61.5%
Threat
4.6
CVE-2013-4480 HIGH PATCH This Week

Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Red Hat Information Disclosure Network Satellite Satellite Satellite With Embedded Oracle +2
NVD
CVSS 2.0
7.5
EPSS
0.7%
EPSS 1% CVSS 7.5
HIGH This Week

XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat XXE Network Satellite +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Red Hat Network Satellite +2
NVD
EPSS 61% 4.6 CVSS 6.5
MEDIUM POC THREAT This Month

The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 61.5%.

Red Hat Information Disclosure Network Satellite +1
NVD Exploit-DB VulDB
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Red Hat Information Disclosure Network Satellite +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy