Satellite@5.0 Security Vulnerabilities and Issues — Satellite@5.0 CVE List

Lucene search

RedhatSatellite5.0

4 matches found

CVE•added 2019/07/02 8:15 p.m.•184 views

CVE-2019-10137

A path traversal flaw was found in spacewalk-proxy, all versions through 2.9, in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the existence of arbitrary files, if they have access to the proxy's filesystem, or can execute arbitrary...

9.8CVSS9.6AI score0.08937EPSS

CVE•added 2018/08/22 3:29 p.m.•50 views

CVE-2017-7513

It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially crafted X.509 certificate.

5.8CVSS5.2AI score0.0009EPSS

CVE•added 2017/08/28 7:29 p.m.•44 views

CVE-2014-8163

Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5.

6.5CVSS6.5AI score0.00684EPSS

CVE•added 2018/03/14 6:29 p.m.•41 views

CVE-2018-1077

Spacewalk 2.6 contains an API which has an XXE flaw allowing for the disclosure of potentially sensitive information from the server.

7.5CVSS7.3AI score0.00234EPSS