redhat-upgrade-tool is vulnerable to man-in-the-middle (MitM) attack. The tool does not implement proper GPG signature verification when performing package installations, allowing an attacker to perform man-in-the-middle attacks against the client.
CPE | Name | Operator | Version |
---|---|---|---|
redhat-upgrade-tool | eq | 0.7.6__1.el7.centos | |
redhat-upgrade-tool | eq | 0.7.6__1.el7.centos |