3 matches found
CVE-2021-40348
Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation...
CVE-2021-40348
CVE-2021-40348 affects Spacewalk 2.10 and derivatives (Uyuni 2021.08) due to an unsanitized configuration filename in rhn-config-satellite.pl, enabling potential code injection when the Spacewalk-specific key/value is appended and the script runs as root via sudo. Concrete details from multiple c...
CVE-2021-40348
Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation...