Satellite@6.13 Security Vulnerabilities and Issues — Satellite@6.13 CVE List

Lucene search

RedhatSatellite6.13

3 matches found

CVE•added 2023/09/12 4:15 p.m.•160 views

CVE-2023-0119

A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, and...

5.4CVSS5.5AI score0.00231EPSS

CVE•added 2024/09/04 2:15 p.m.•89 views

CVE-2024-7012

An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authen...

9.8CVSS9.5AI score0.00655EPSS

CVE•added 2024/09/04 2:15 p.m.•89 views

CVE-2024-7923

An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allow...

9.8CVSS9.5AI score0.00455EPSS