4 matches found
RHEL 7 : redhat-certification (RHSA-2018:2373)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2373 advisory. The redhat-certification package provides partners with a unified web-based user interface to certify their products for use on Red Hat...
Critical: Red Hat Security Advisory: redhat-certification security update
An update for redhat-certification is now available for Red Hat Certification for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2018-10870
redhat-certification does not properly sanitize paths in rhcertStore.py:saveResultsFile. A remote attacker could use this flaw to overwrite any file, potentially gaining remote code execution...
CVE-2018-10870
CVE-2018-10870 affects the Red Hat package redhat-certification. The issue is in rhcertStore.py:__saveResultsFile, which allows writing arbitrary files and can lead to remote code execution. Public sources (NVD, RHSA-2018:2373) describe the vulnerability as high/critical with network attack vecto...