Vulnerabilities > Redhat > Satellite > 6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-13 | CVE-2018-16887 | Cross-site Scripting vulnerability in multiple products A cross-site scripting (XSS) flaw was found in the katello component of Satellite. | 5.4 |
| 2018-07-26 | CVE-2017-12175 | Unspecified vulnerability in Redhat Satellite Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule when you are entering filter and you use autocomplete functionality. | 5.4 |
| 2018-04-16 | CVE-2016-9593 | Credentials Management vulnerability in multiple products foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. | 8.8 |
| 2018-02-27 | CVE-2017-15136 | Unspecified vulnerability in Redhat Satellite 6.0 When registering and activating a new system with Red Hat Satellite 6 if the new systems hostname is then reset to the hostname of a previously registered system the previously registered system will lose access to updates including security updates. | 2.7 |
| 2017-08-28 | CVE-2014-8168 | Improper Access Control vulnerability in Redhat Satellite 6.0 Red Hat Satellite 6 allows local users to access mongod and delete pulp_database. | 6.1 |