CVE-2017-7470

Опубликовано: 27 июл. 2018

Источник: nvd

CVSS3: 6.5

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect authorization check in backend/server/rhnChannel.py.

Ссылки

http://www.securityfocus.com/bid/98569
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2017:1259
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7470
Issue Tracking
Third Party Advisory
http://www.securityfocus.com/bid/98569
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2017:1259
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7470
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:spacewalk:-:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*

cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00766

Низкий

6.5 Medium

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-863

Связанные уязвимости

CVE-2017-7470

CVSS3: 6.5

redhat

больше 8 лет назад

It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect authorization check in backend/server/rhnChannel.py.

SUSE-SU-2017:1347-1

suse-cvrf

больше 8 лет назад

Security update for SUSE Manager Client Tools

GHSA-8hhp-cr56-3gg7

CVSS3: 9.8

github

больше 3 лет назад

It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect authorization check in backend/server/rhnChannel.py.

EPSS

Процентиль: 73%

0.00766

Низкий

6.5 Medium

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-863