CVE-2009-4139 Spacewalk-java: spacewalk: red hat network satellite: spacewalk java: privilege escalation via cross-site request forgery

A flaw was found in Spacewalk Java site packages. This cross-site request forgery CSRF vulnerability allows a remote attacker to hijack the authentication of arbitrary users. This can lead to unauthorized actions, including disabling user accounts, adding new user accounts, or escalating privileg...

CVE-2009-4139

The CVE-2009-4139 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in Spacewalk’s spacewalk-java (version 1.2.39) used by Red Hat Network Satellite server (5.3.0–5.4.1) and related products. The issue allows an attacker, by deceiving an authenticated user, to hijack that user’s s...

Moderate: Red Hat Security Advisory: Red Hat Network Satellite server spacewalk-java security update

Updated spacewalk-java packages that fix one security issue are now available for Red Hat Network Satellite 5.4.1 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, whi...

Spacewalk: CSRF in all web portal forms

Cross-site request forgery CSRF vulnerability in the Spacewalk Java site packages aka spacewalk-java 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests...