Vulnerabilities > Katello

DATE | CVE | VULNERABILITY TITLE | RISK

2018-05-01 | CVE-2013-4201 | Permission Issues vulnerability in Katello | 4.3
    Katello allows remote authenticated users to call the "system remove_deletion" CLI command via vectors related to "remove system" permissions.
    network | low complexity | katello | CWE-275

2016-06-07 | CVE-2016-3072 | SQL Injection vulnerability in multiple products | 8.8
    Multiple SQL injection vulnerabilities in the scoped_search function in app/controllers/katello/api/v2/api_controller.rb in Katello allow remote authenticated users to execute arbitrary SQL commands via the (1) sort_by or (2) sort_order parameter.
    network | low complexity | katello redhat | CWE-89