Vulnerabilities > Redhat > Network Satellite
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-04-17 | CVE-2013-2143 | Improper Input Validation vulnerability in multiple products The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account. | 6.5 |
| 2014-02-05 | CVE-2011-1594 | Improper Input Validation vulnerability in Redhat Network Satellite and Spacewalk Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url_bounce parameter. | 5.8 |