Описание
Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, obsolete XML-RPC API, which allows remote authenticated users to access arbitrary files and cause a denial of service (failed yum operations) via vectors related to configuration and package group (comps.xml) files for channels.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Satellite 5.0 | Server | Will not fix | ||
| Red Hat Satellite 5.1 | Server | Will not fix | ||
| Red Hat Satellite 5.2 | Server | Affected | ||
| Red Hat Network Satellite Server v 5.3 | spacewalk-backend | Fixed | RHSA-2011:0434 | 11.04.2011 |
| Red Hat Network Satellite Server v 5.3 | spacewalk-config | Fixed | RHSA-2011:0434 | 11.04.2011 |
| Red Hat Network Satellite Server v 5.4 | spacewalk-backend | Fixed | RHSA-2011:0434 | 11.04.2011 |
| Red Hat Network Satellite Server v 5.4 | spacewalk-config | Fixed | RHSA-2011:0434 | 11.04.2011 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS2
Связанные уязвимости
Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, obsolete XML-RPC API, which allows remote authenticated users to access arbitrary files and cause a denial of service (failed yum operations) via vectors related to configuration and package group (comps.xml) files for channels.
Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, obsolete XML-RPC API, which allows remote authenticated users to access arbitrary files and cause a denial of service (failed yum operations) via vectors related to configuration and package group (comps.xml) files for channels.
EPSS
5.5 Medium
CVSS2