Lucene search
Veracode Vulnerability DatabaseVERACODE:10915HistoryJan 15, 2019 - 8:54 a.m.
Authentication Bypass
2019-01-1508:54:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
EPSS
0.004
Percentile
72.9%
candlepin is potentially vulnerable to authentication bypass. This is due to a weak authentication scheme when no settings are specified in the configuration file.
References
rhn.redhat.com/errata/RHSA-2013-1863.html
access.redhat.com/errata/RHSA-2013:1863
access.redhat.com/security/cve/CVE-2013-6439
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1042677
exchange.xforce.ibmcloud.com/vulnerabilities/90134
rhn.redhat.com/errata/RHSA-2013-1863.html
Related
redhat
redhat
(RHSA-2013:1863) Important: candlepin security update
2013-12-19 00:00:00
nessus
nessus
RHEL 6 : candlepin in Subscription Asset Manager (RHSA-2013:1863)
2014-06-23 00:00:00
cvelist
cvelist
CVE-2013-6439
2013-12-23 22:00:00
nvd
nvd
CVE-2013-6439
2013-12-23 22:55:02
prion
prion
Authentication flaw
2013-12-23 22:55:00
cve
cve
CVE-2013-6439
2013-12-23 22:55:02