Lucene search
RedhatCVE-2013-2056HistoryJul 31, 2013 - 1:20 p.m.
CVE-2013-2056
2013-07-3113:20:24
CWE-287
redhat
web.nvd.nist.gov
30
cve-2013-2056
inter-satellite sync
rhn satellite
remote attack
authentication bypass
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.9
Confidence
Low
EPSS
0.003
Percentile
70.3%
The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client “authenticity,” which allows remote attackers to obtain channel content by skipping the initial authentication call.
Affected configurations
Node
redhatsatelliteMatch5.3
ORredhatsatelliteMatch5.4
ORredhatsatelliteMatch5.5
Related
prion
prion
Authentication flaw
2013-07-31 13:20:00
nvd
nvd
CVE-2013-2056
2013-07-31 13:20:24
redhat
redhat
nessus
nessus
RHEL 5 / 6 : spacewalk-backend in Satellite Server (RHSA-2013:0848)
2013-05-22 00:00:00
cvelist
cvelist
CVE-2013-2056
2013-07-31 10:00:00
veracode
veracode
Information Disclosure
2019-01-15 08:53:42
suse
suse
Security update for SUSE Manager (important)
2013-05-28 20:04:32
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.9
Confidence
Low
EPSS
0.003
Percentile
70.3%
Related for CVE-2013-2056