Vulnerabilities > Redhat > Satellite > 5.4.1

DATE CVE VULNERABILITY TITLE RISK
2023-12-18 CVE-2023-4320 Insufficient Session Expiration vulnerability in Redhat Satellite
An arithmetic overflow flaw was found in Satellite when creating a new personal access token.
network
low complexity
redhat CWE-613
7.5
2019-12-02 CVE-2012-5562 Cleartext Transmission of Sensitive Information vulnerability in Redhat Satellite
rhn-proxy: may transmit credentials over clear-text when accessing RHN Satellite
low complexity
redhat CWE-319
3.3
2019-04-11 CVE-2019-3845 Unspecified vulnerability in Redhat Satellite
A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1.
low complexity
redhat
5.2
2018-08-22 CVE-2017-7513 Improper Certificate Validation vulnerability in Redhat Satellite
It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields.
network
redhat CWE-295
5.8
2018-07-30 CVE-2017-7514 Cross-site Scripting vulnerability in Redhat Satellite
A cross-site scripting (XSS) flaw was found in how the failed action entry is processed in Red Hat Satellite before version 5.8.0.
network
low complexity
redhat CWE-79
5.4
2018-07-26 CVE-2017-12175 Cross-site Scripting vulnerability in Redhat Satellite
Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule when you are entering filter and you use autocomplete functionality.
network
low complexity
redhat CWE-79
5.4
2018-07-26 CVE-2017-7538 Cross-site Scripting vulnerability in Redhat Satellite
A cross-site scripting (XSS) flaw was found in how an organization name is displayed in Satellite 5, before 5.8.
network
redhat CWE-79
3.5