Lucene search
Veracode Vulnerability DatabaseVERACODE:11384HistoryJan 15, 2019 - 9:01 a.m.
Privilege Escalation
2019-01-1509:01:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
EPSS
0.008
Percentile
81.5%
spacewalk-java is vulnerable to privilege escalation attacks. The vulnerability exists as Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.
References
lists.opensuse.org/opensuse-security-announce/2013-11/msg00009.html
rhn.redhat.com/errata/RHSA-2013-1513.html
rhn.redhat.com/errata/RHSA-2013-1514.html
access.redhat.com/errata/RHSA-2013:1513
access.redhat.com/errata/RHSA-2013:1514
access.redhat.com/security/cve/CVE-2013-4480
access.redhat.com/security/updates/classification/#critical
access.redhat.com/site/articles/539283
bugzilla.redhat.com/show_bug.cgi?id=1024614
rhn.redhat.com/errata/RHSA-2013-1514.html
Related
cvelist
cvelist
CVE-2013-4480
2013-11-15 18:16:00
nessus
nessus
RHEL 5 : rhn-java-sat in Satellite Server (RHSA-2013:1513)
2013-11-13 00:00:00
RHEL 5 / 6 : spacewalk-java in Satellite Server (RHSA-2013:1514)
2013-11-13 00:00:00
prion
prion
Design/Logic Flaw
2013-11-18 02:55:00
redhat
redhat
(RHSA-2013:1514) Critical: spacewalk-java security update
2013-11-12 00:00:00
(RHSA-2013:1513) Critical: rhn-java-sat security update
2013-11-12 00:00:00
suse
suse
Security update for spacewalk-java (critical)
2013-11-12 23:04:12
cve
cve
CVE-2013-4480
2013-11-18 02:55:07
nvd
nvd
CVE-2013-4480
2013-11-18 02:55:07