Vulnerabilities > Redhat > Satellite
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-02 | CVE-2020-14371 | Information Exposure vulnerability in Redhat Satellite 6.0 A credential leak vulnerability was found in Red Hat Satellite. | 4.0 |
| 2021-06-02 | CVE-2020-14380 | Improper Authentication vulnerability in Redhat Satellite 6.7.2 An account takeover flaw was found in Red Hat Satellite 6.7.2 onward. | 7.5 |
| 2021-06-02 | CVE-2020-14335 | Information Exposure vulnerability in Redhat Satellite 6.0 A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. | 5.5 |
| 2021-05-27 | CVE-2020-10716 | A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. | 6.5 |
| 2021-04-08 | CVE-2021-3413 | Information Exposure vulnerability in multiple products A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azure_rm in versions before 2.2.0. | 6.5 |
| 2021-02-23 | CVE-2021-20256 | Information Exposure vulnerability in Redhat Satellite 6.0 A flaw was found in Red Hat Satellite. | 5.3 |
| 2020-07-31 | CVE-2020-14334 | Insufficiently Protected Credentials vulnerability in Redhat Satellite 6.0 A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. | 8.8 |
| 2020-05-06 | CVE-2020-10693 | Improper Input Validation vulnerability in multiple products A flaw was found in Hibernate Validator version 6.1.2.Final. | 5.3 |
| 2020-02-19 | CVE-2012-6685 | XML Entity Expansion vulnerability in multiple products Nokogiri before 1.5.4 is vulnerable to XXE attacks | 5.0 |
| 2020-01-02 | CVE-2014-3590 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Satellite 6.0 Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action. | 4.3 |