Vulnerabilities > Redhat > Satellite > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-02 CVE-2020-14335 Unspecified vulnerability in Redhat Satellite 6.0
A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy.
local
low complexity
redhat
5.5
2021-05-27 CVE-2020-10716 A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view.
network
low complexity
redhat theforeman
6.5
2021-04-08 CVE-2021-3413 A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azure_rm in versions before 2.2.0.
network
low complexity
theforeman redhat
6.3
2021-02-23 CVE-2021-20256 Unspecified vulnerability in Redhat Satellite 6.0
A flaw was found in Red Hat Satellite.
local
low complexity
redhat
5.3
2020-05-06 CVE-2020-10693 A flaw was found in Hibernate Validator version 6.1.2.Final.
network
low complexity
redhat ibm quarkus oracle
5.3
2020-01-02 CVE-2014-3590 Cross-Site Request Forgery (CSRF) vulnerability in Redhat Satellite 6.0
Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action.
network
low complexity
redhat CWE-352
6.5
2019-12-13 CVE-2014-0241 Insufficiently Protected Credentials vulnerability in multiple products
rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable
local
low complexity
theforeman redhat CWE-522
5.5
2019-12-03 CVE-2013-2101 Cross-site Scripting vulnerability in multiple products
Katello has multiple XSS issues in various entities
network
low complexity
theforeman redhat CWE-79
5.4
2019-12-02 CVE-2012-5562 Cleartext Transmission of Sensitive Information vulnerability in Redhat Satellite
rhn-proxy: may transmit credentials over clear-text when accessing RHN Satellite
low complexity
redhat CWE-319
6.5
2019-11-05 CVE-2013-6461 XML Entity Expansion vulnerability in multiple products
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
network
low complexity
nokogiri debian redhat CWE-776
6.5