5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
3.5 Low
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
Red Hat Satellite is vulnerable to cross-site scripting attacks. Remote authenticated attacker could exploit the Discovery Rule
component when you are entering filter via the autocomplete functionality resulting in XSS.
www.securityfocus.com/bid/101245
access.redhat.com/documentation/en-us/red_hat_satellite/6.4/html/release_notes/
access.redhat.com/errata/RHSA-2018:2927
access.redhat.com/security/cve/CVE-2017-12175
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1052713
bugzilla.redhat.com/show_bug.cgi?id=1060745
bugzilla.redhat.com/show_bug.cgi?id=1155817
bugzilla.redhat.com/show_bug.cgi?id=1177766
bugzilla.redhat.com/show_bug.cgi?id=1197650
bugzilla.redhat.com/show_bug.cgi?id=1260733
bugzilla.redhat.com/show_bug.cgi?id=1265533
bugzilla.redhat.com/show_bug.cgi?id=1291730
bugzilla.redhat.com/show_bug.cgi?id=1295741
bugzilla.redhat.com/show_bug.cgi?id=1312098
bugzilla.redhat.com/show_bug.cgi?id=1328707
bugzilla.redhat.com/show_bug.cgi?id=1349150
bugzilla.redhat.com/show_bug.cgi?id=1356517
bugzilla.redhat.com/show_bug.cgi?id=1357256
bugzilla.redhat.com/show_bug.cgi?id=1372468
bugzilla.redhat.com/show_bug.cgi?id=1372731
bugzilla.redhat.com/show_bug.cgi?id=1379291
bugzilla.redhat.com/show_bug.cgi?id=1382069
bugzilla.redhat.com/show_bug.cgi?id=1386283
bugzilla.redhat.com/show_bug.cgi?id=1386908
bugzilla.redhat.com/show_bug.cgi?id=1389820
bugzilla.redhat.com/show_bug.cgi?id=1400058
bugzilla.redhat.com/show_bug.cgi?id=1409485
bugzilla.redhat.com/show_bug.cgi?id=1410264
bugzilla.redhat.com/show_bug.cgi?id=1410746
bugzilla.redhat.com/show_bug.cgi?id=1412596
bugzilla.redhat.com/show_bug.cgi?id=1416106
bugzilla.redhat.com/show_bug.cgi?id=1417015
bugzilla.redhat.com/show_bug.cgi?id=1417130
bugzilla.redhat.com/show_bug.cgi?id=1419060
bugzilla.redhat.com/show_bug.cgi?id=1425609
bugzilla.redhat.com/show_bug.cgi?id=1426739
bugzilla.redhat.com/show_bug.cgi?id=1428541
bugzilla.redhat.com/show_bug.cgi?id=1430022
bugzilla.redhat.com/show_bug.cgi?id=1430742
bugzilla.redhat.com/show_bug.cgi?id=1435973
bugzilla.redhat.com/show_bug.cgi?id=1439353
bugzilla.redhat.com/show_bug.cgi?id=1443505
bugzilla.redhat.com/show_bug.cgi?id=1443804
bugzilla.redhat.com/show_bug.cgi?id=1449011
bugzilla.redhat.com/show_bug.cgi?id=1452772
bugzilla.redhat.com/show_bug.cgi?id=1455006
bugzilla.redhat.com/show_bug.cgi?id=1455132
bugzilla.redhat.com/show_bug.cgi?id=1458383
bugzilla.redhat.com/show_bug.cgi?id=1458573
bugzilla.redhat.com/show_bug.cgi?id=1458754
bugzilla.redhat.com/show_bug.cgi?id=1464219
bugzilla.redhat.com/show_bug.cgi?id=1464512
bugzilla.redhat.com/show_bug.cgi?id=1468354
bugzilla.redhat.com/show_bug.cgi?id=1468359
bugzilla.redhat.com/show_bug.cgi?id=1470014
bugzilla.redhat.com/show_bug.cgi?id=1470761
bugzilla.redhat.com/show_bug.cgi?id=1474348
bugzilla.redhat.com/show_bug.cgi?id=1475121
bugzilla.redhat.com/show_bug.cgi?id=1478849
bugzilla.redhat.com/show_bug.cgi?id=1482540
bugzilla.redhat.com/show_bug.cgi?id=1483033
bugzilla.redhat.com/show_bug.cgi?id=1485805
bugzilla.redhat.com/show_bug.cgi?id=1486297
bugzilla.redhat.com/show_bug.cgi?id=1486782
bugzilla.redhat.com/show_bug.cgi?id=1487710
bugzilla.redhat.com/show_bug.cgi?id=1488291
bugzilla.redhat.com/show_bug.cgi?id=1489377
bugzilla.redhat.com/show_bug.cgi?id=1498588
bugzilla.redhat.com/show_bug.cgi?id=1498976
bugzilla.redhat.com/show_bug.cgi?id=1500593
bugzilla.redhat.com/show_bug.cgi?id=1515888
bugzilla.redhat.com/show_bug.cgi?id=1516623
bugzilla.redhat.com/show_bug.cgi?id=1527896
bugzilla.redhat.com/show_bug.cgi?id=1536487
bugzilla.redhat.com/show_bug.cgi?id=1538448
bugzilla.redhat.com/show_bug.cgi?id=1538479
bugzilla.redhat.com/show_bug.cgi?id=1539076
bugzilla.redhat.com/show_bug.cgi?id=1545314
bugzilla.redhat.com/show_bug.cgi?id=1552632
bugzilla.redhat.com/show_bug.cgi?id=1553869
bugzilla.redhat.com/show_bug.cgi?id=1553994
bugzilla.redhat.com/show_bug.cgi?id=1555310
bugzilla.redhat.com/show_bug.cgi?id=1557067
bugzilla.redhat.com/show_bug.cgi?id=1564577
bugzilla.redhat.com/show_bug.cgi?id=1570808
bugzilla.redhat.com/show_bug.cgi?id=1572290
bugzilla.redhat.com/show_bug.cgi?id=1572297
bugzilla.redhat.com/show_bug.cgi?id=1572305
bugzilla.redhat.com/show_bug.cgi?id=1579384
bugzilla.redhat.com/show_bug.cgi?id=1595777
bugzilla.redhat.com/show_bug.cgi?id=1608447
bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12175
projects.theforeman.org/issues/22042
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
3.5 Low
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N