11 matches found
Low: Red Hat Security Advisory: Red Hat Satellite IBM Java Runtime security update
Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Satellite 5.6 and 5.7. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
RHEL 5 / 6 : spacewalk-java (RHSA-2014:1762)
Updated spacewalk-java packages that fix one security issue are now available for Red Hat Satellite 5.5 and 5.6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Cross site scripting
Cross-site scripting XSS vulnerability in account/EditAddress.do in Spacewalk and Red Hat Network RHN Satellite 5.6 allows remote attackers to inject arbitrary web script or HTML via the type parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Spacewalk and Red Hat Network RHN Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the 1 whereCriteria variable in a software channels search; 2 endyear, 3 starthour, 4 endampm, 5 endday, 6 endhour, 7 endminute, 8...
CVE-2013-1871
Cross-site scripting XSS vulnerability in account/EditAddress.do in Spacewalk and Red Hat Network RHN Satellite 5.6 allows remote attackers to inject arbitrary web script or HTML via the type parameter...
CVE-2013-4415
Multiple cross-site scripting XSS vulnerabilities in Spacewalk and Red Hat Network RHN Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the 1 whereCriteria variable in a software channels search; 2 endyear, 3 starthour, 4 endampm, 5 endday, 6 endhour, 7 endminute, 8...
CVE-2013-4415
CVE-2013-4415 affects Red Hat Satellite/Spacewalk (Spacewalk 5.6 and RHN Satellite). The connected sources describe multiple cross-site scripting (XSS) vulnerabilities in the Red Hat Satellite web interface, enabling remote attackers to inject arbitrary web script or HTML via numerous parameters ...
CVE-2013-1871
CVE-2013-1871 affects Spacewalk and Red Hat Network Satellite 5.6. The vulnerability is a Cross-Site Scripting (XSS) flaw in account/EditAddress.do that allows an attacker to inject arbitrary web script or HTML through the type parameter. Root cause is insufficient input sanitization in the web i...
CVE-2012-6149
CVE-2012-6149 describes multiple XSS vulnerabilities in Spacewalk/RHN Satellite 5.6 via notes.jsp (subject/content) that allow an authenticated or remote attacker to inject scripts in the notes system.addNote XML-RPC flow. Connected sources identify Spacewalk 5.6 as affected and describe the root...
CVE-2013-4480
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts...
CVE-2013-4480
CVE-2013-4480 affects Red Hat Satellite 5.6 and earlier. The root cause is that the web interface used to create the initial administrator user was not disabled after setup, enabling a remote attacker to create an admin account. Documented impact is the potential for unauthorized administrative a...