Vulnerabilities > Redhat > Satellite > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-04-05 CVE-2018-1096 SQL Injection vulnerability in multiple products
An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1.
network
low complexity
theforeman redhat CWE-89
4.0
4.0
2018-03-14 CVE-2018-1077 XXE vulnerability in Redhat Satellite and Spacewalk
Spacewalk 2.6 contains an API which has an XXE flaw allowing for the disclosure of potentially sensitive information from the server.
network
low complexity
redhat CWE-611
5.0
5.0
2018-02-27 CVE-2017-15136 Unspecified vulnerability in Redhat Satellite 6.0
When registering and activating a new system with Red Hat Satellite 6 if the new systems hostname is then reset to the hostname of a previously registered system the previously registered system will lose access to updates including security updates.
network
low complexity
redhat
4.0
4.0
2018-02-09 CVE-2017-10690 Improper Privilege Management vulnerability in multiple products
In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from.
network
low complexity
puppet redhat CWE-269
4.0
4.0
2018-01-18 CVE-2018-2678 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). 4.3
4.3
2018-01-18 CVE-2018-2677 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). 4.3
4.3
2018-01-18 CVE-2018-2663 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). 4.3
4.3
2018-01-18 CVE-2018-2657 Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization).
network
low complexity
oracle redhat schneider-electric hp
5.0
5.0
2018-01-18 CVE-2018-2641 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). 6.1
6.1
2018-01-18 CVE-2018-2634 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). 6.8
6.8