Satellite Security Vulnerabilities and Issues — Satellite CVE List

Lucene search

RedhatSatellite

4 matches found

CVE•added 2019/01/16 7:30 p.m.•376 views

CVE-2019-2422

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to co...

3.1CVSS2.4AI score0.00128EPSS

CVE•added 2019/01/16 7:30 p.m.•143 views

CVE-2019-2449

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks requ...

3.1CVSS4.3AI score0.03459EPSS

CVE•added 2019/01/13 2:29 a.m.•69 views

CVE-2018-16887

A cross-site scripting (XSS) flaw was found in the katello component of Satellite. An attacker with privilege to create/edit organizations and locations is able to execute a XSS attacks against other users through the Subscriptions or the Red Hat Repositories wizards. This can possibly lead to mali...

5.4CVSS5.4AI score0.00261EPSS

CVE•added 2019/01/22 3:29 p.m.•44 views

CVE-2018-14666

An improper authorization flaw was found in the Smart Class feature of Foreman. An attacker can use it to change configuration of any host registered in Red Hat Satellite, independent of the organization the host belongs to. This flaw affects all Red Hat Satellite 6 versions.

7.2CVSS6.8AI score0.00353EPSS