Satellite@5.3 Security Vulnerabilities and Issues — Satellite@5.3 CVE List

Lucene search

RedhatSatellite5.3

4 matches found

CVE•added 2011/04/18 5:55 p.m.•50 views

CVE-2010-1171

Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, obsolete XML-RPC API, which allows remote authenticated users to access arbitrary files and cause a denial of service (failed yum operations) via vectors related to configuration and package group (comps.xml) files for channels.

5.5CVSS6.7AI score0.00888EPSS

CVE•added 2018/08/22 3:29 p.m.•50 views

CVE-2017-7513

It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially crafted X.509 certificate.

5.8CVSS5.2AI score0.0009EPSS

CVE•added 2013/07/31 1:20 p.m.•44 views

CVE-2013-2056

The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by skipping the initial authentication call.

5CVSS6.9AI score0.00377EPSS

CVE•added 2014/04/15 11:55 p.m.•39 views

CVE-2010-2236

The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 through 4.2.0 and 5.1.0 through 5.3.0, and Proxy 5.3.0, allows remote authenticated users with permissions to administer monitoring probes to execute arbitrary code via unspecified vectors, rel...

6CVSS7.6AI score0.02056EPSS