exploitDog

CVE-2013-2056

Опубликовано: 31 июл. 2013

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by skipping the initial authentication call.

Ссылки

http://rhn.redhat.com/errata/RHSA-2013-0848.html
Vendor Advisory
http://secunia.com/advisories/53487
Vendor Advisory
http://www.osvdb.org/93566
http://rhn.redhat.com/errata/RHSA-2013-0848.html
Vendor Advisory
http://secunia.com/advisories/53487
Vendor Advisory
http://www.osvdb.org/93566

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:satellite:5.3:*:*:*:*:*:*:*

cpe:2.3:a:redhat:satellite:5.4:*:*:*:*:*:*:*

cpe:2.3:a:redhat:satellite:5.5:*:*:*:*:*:*:*

EPSS

Процентиль: 56%

0.00334

Низкий

5 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

CVE-2013-2056

redhat

больше 12 лет назад

The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by skipping the initial authentication call.

GHSA-p9rr-x8fh-7586

github

больше 3 лет назад

The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by skipping the initial authentication call.

EPSS

Процентиль: 56%

0.00334

Низкий

5 Medium

CVSS2

Дефекты

CWE-287