Vulnerabilities > Redhat > Satellite > 5.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-06-16 | CVE-2012-1145 | Improper Authentication vulnerability in Redhat Satellite 5.4 spacewalk-backend in Red Hat Network Satellite 5.4 on Red Hat Enterprise Linux 6 does not properly authorize or authenticate uploads to the NULL organization when mod_wsgi is used, which allows remote attackers to cause a denial of service (/var partition disk consumption and failed updates) via a large number of package uploads. | 5.0 |
2011-04-18 | CVE-2010-1171 | Permissions, Privileges, and Access Controls vulnerability in Redhat Satellite 5.3/5.4 Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, obsolete XML-RPC API, which allows remote authenticated users to access arbitrary files and cause a denial of service (failed yum operations) via vectors related to configuration and package group (comps.xml) files for channels. | 5.5 |