Описание
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.
Ссылки
- Mailing ListPatchVendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Issue TrackingVendor Advisory
- Mailing ListPatchVendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.6 (включая)Версия до 5.6 (включая)
Одно из
cpe:2.3:a:redhat:network_satellite:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.5:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:suse:manager:1.7:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise:11.0:sp2:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00704
Низкий
7.5 High
CVSS2
Дефекты
CWE-668
Связанные уязвимости
redhat
около 12 лет назад
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.
github
больше 3 лет назад
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.
EPSS
Процентиль: 72%
0.00704
Низкий
7.5 High
CVSS2
Дефекты
CWE-668