EUVD-2019-13465

Malware in sbrugna...

Important: Red Hat Security Advisory: Red Hat Satellite Client security and bug fix update

An update for foremanyggworker, puppet-agent, qpid-proton, and yggdrasil is now available for Satellite Client 6 for RHEL 6, Satellite Client 6 for RHEL 7, Satellite Client 6 for RHEL 8, and Satellite Client 6 for RHEL 9. Red Hat Product Security has rated this update as having a security impact ...

Improper Access Control

Red Hat Satellite is vulnerable to improper access control vulnerability. The vulnerability exists in the message queues maintained by Satellite's QPID broker and used by katello-agent. A malicious user with authentication to a host registered to Satellite could execute privilege commands to acce...

CVE-2019-3845

A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite or Capsule can use this fla...

CVE-2019-3845

A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite or Capsule can use this fla...

CVE-2019-3845

CVE-2019-3845 affects Red Hat Satellite tools (qpid-dispatch-router). The root cause is exposed QMF methods via qdrouterd, enabling an attacker authenticated on a registered host to access QMF methods across registered hosts and execute privileged commands. Red Hat issued RHSA-2019:1223 to addres...