Vulnerabilities > CVE-2020-14380 - Unspecified vulnerability in Redhat Satellite 6.7.2

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

high complexity

redhat

NVD

Published: 2021-06-02

Updated: 2024-11-21

Summary

An account takeover flaw was found in Red Hat Satellite 6.7.2 onward. A potential attacker with proper authentication to the relevant external authentication source (SSO or Open ID) can claim the privileges of already existing local users of Satellite.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Satellite 6.7.2	1

References

https://bugzilla.redhat.com/show_bug.cgi?id=1873926
https://bugzilla.redhat.com/show_bug.cgi?id=1873926