Lucene search

K

5 matches found

CVE
CVE
added 2021/06/02 1:15 p.m.96 views

CVE-2020-14380

An account takeover flaw was found in Red Hat Satellite 6.7.2 onward. A potential attacker with proper authentication to the relevant external authentication source (SSO or Open ID) can claim the privileges of already existing local users of Satellite.

7.5CVSS7.4AI score0.00248EPSS
CVE
CVE
added 2021/04/08 11:15 p.m.92 views

CVE-2021-3413

A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azure_rm in versions before 2.2.0. A credential leak was identified which will expose Azure Resource Manager's secret key through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity ...

6.5CVSS6.3AI score0.00217EPSS
CVE
CVE
added 2021/02/23 11:15 p.m.66 views

CVE-2021-20256

A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

5.3CVSS5.4AI score0.00043EPSS
CVE
CVE
added 2021/06/02 12:15 p.m.55 views

CVE-2020-14335

A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability.

5.5CVSS5.7AI score0.00043EPSS
CVE
CVE
added 2021/06/02 1:15 p.m.45 views

CVE-2020-14371

A credential leak vulnerability was found in Red Hat Satellite. This flaw exposes the compute resources credentials through VMs that are running on these resources in Satellite.

6.5CVSS6.4AI score0.00274EPSS