Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2013:1514
HistoryNov 12, 2013 - 12:00 a.m.

(RHSA-2013:1514) Critical: spacewalk-java security update

2013-11-1200:00:00
access.redhat.com
16

EPSS

0.008

Percentile

81.5%

JSON

Red Hat Satellite is a systems management tool for Linux-based infrastructures.
It allows for provisioning, monitoring, and remote management of multiple Linux
deployments with a single, centralized tool. The spacewalk-java packages contain
the code for the Java version of the Spacewalk Web site.

It was found that the web interface provided by Red Hat Satellite to create the
initial administrator user was not disabled after the initial user was created.
A remote attacker could use this flaw to create an administrator user with
credentials they specify. This user could then be used to assume control of the
Satellite server. (CVE-2013-4480)

This issue was discovered by Andrew Spurrier of Red Hat.

All spacewalk-java users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue.

OSVersionArchitecturePackageVersionFilename
RedHat6noarchspacewalk-java-postgresql< 2.0.2-48.el6satspacewalk-java-postgresql-2.0.2-48.el6sat.noarch.rpm
RedHat6noarchspacewalk-java-config< 1.7.54-121.el6satspacewalk-java-config-1.7.54-121.el6sat.noarch.rpm
RedHat5noarchspacewalk-java< 2.0.2-48.el5satspacewalk-java-2.0.2-48.el5sat.noarch.rpm
RedHat6noarchspacewalk-java< 1.2.39-135.el6satspacewalk-java-1.2.39-135.el6sat.noarch.rpm
RedHat5noarchspacewalk-java< 1.2.39-135.el5satspacewalk-java-1.2.39-135.el5sat.noarch.rpm
RedHat5noarchspacewalk-java-lib< 2.0.2-48.el5satspacewalk-java-lib-2.0.2-48.el5sat.noarch.rpm
RedHat6noarchspacewalk-java-lib< 1.7.54-121.el6satspacewalk-java-lib-1.7.54-121.el6sat.noarch.rpm
RedHat5noarchspacewalk-java-lib< 1.2.39-135.el5satspacewalk-java-lib-1.2.39-135.el5sat.noarch.rpm
RedHat6noarchspacewalk-java< 1.7.54-121.el6satspacewalk-java-1.7.54-121.el6sat.noarch.rpm
RedHat5srcspacewalk-java< 1.2.39-135.el5satspacewalk-java-1.2.39-135.el5sat.src.rpm
Rows per page:
1-10 of 431

Related

cvelist 1
nessus 2
prion 1
suse 1
veracode 1
redhat 1
cve 1
nvd 1
cvelist
cvelist
CVE-2013-4480
2013-11-15 18:16:00
nessus
nessus
RHEL 5 : rhn-java-sat in Satellite Server (RHSA-2013:1513)
2013-11-13 00:00:00
RHEL 5 / 6 : spacewalk-java in Satellite Server (RHSA-2013:1514)
2013-11-13 00:00:00
prion
prion
Design/Logic Flaw
2013-11-18 02:55:00
suse
suse
Security update for spacewalk-java (critical)
2013-11-12 23:04:12
veracode
veracode
Privilege Escalation
2019-01-15 09:01:15
redhat
redhat
(RHSA-2013:1513) Critical: rhn-java-sat security update
2013-11-12 00:00:00
cve
cve
CVE-2013-4480
2013-11-18 02:55:07
nvd
nvd
CVE-2013-4480
2013-11-18 02:55:07

EPSS

0.008

Percentile

81.5%

JSON
Related for RHSA-2013:1514
cvelist1nessus2prion1suse1veracode1redhat1cve1nvd1