Описание
The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin.
Ссылки
- Vendor Advisory
- Issue TrackingVendor Advisory
- PatchThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Vendor Advisory
- Issue TrackingVendor Advisory
- PatchThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.1.0 (включая) до 3.1.28-2 (включая)Версия от 3.2.0 (включая) до 3.2.21-1 (включая)Версия от 4.1.0 (включая) до 4.1.8-1 (включая)
Одно из
cpe:2.3:a:candlepinproject:candlepin:*:*:*:*:*:*:*:*
cpe:2.3:a:candlepinproject:candlepin:*:*:*:*:*:*:*:*
cpe:2.3:a:candlepinproject:candlepin:*:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00118
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-639
CWE-287
Связанные уязвимости
CVSS3: 5.5
redhat
около 4 лет назад
The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin.
CVSS3: 5.5
github
больше 3 лет назад
The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin.
EPSS
Процентиль: 31%
0.00118
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-639
CWE-287