Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2018/08/16 12:0 a.m.40 views

RHEL 7 : redhat-certification (RHSA-2018:2373)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2373 advisory. The redhat-certification package provides partners with a unified web-based user interface to certify their products for use on Red Hat...

9.8CVSS6.9AI score0.06182EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2018/08/09 5:23 p.m.89 views

Critical: Red Hat Security Advisory: redhat-certification security update

An update for redhat-certification is now available for Red Hat Certification for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS6.7AI score0.06182EPSS
Exploits0References4
CVE
CVE
added 2018/07/19 10:0 p.m.114 views

CVE-2018-10869

The CVE-2018-10869 vulnerability affects redhat-certification and allows a remote attacker to download any file accessible by the web server user via the /download page due to improper access restriction. Red Hat’s RHSA-2018:2373 (and related advisories) document this issue and provide a security...

7.5CVSS7.6AI score0.02768EPSS
Exploits0References3Affected Software2
RedhatCVE
RedhatCVE
added 2018/07/19 8:49 a.m.30 views

CVE-2018-10869

It was discovered that redhat-certification does not properly restrict files that can be download through the /download page. A remote attacker may download any file accessible by the user running httpd. Mitigation If SELinux is enabled it further restricts the set of files that can be downloaded...

7.5CVSS1.6AI score0.02768EPSS
Exploits0References2
Rows per page
Query Builder