Описание
The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by skipping the initial authentication call.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Satellite 5.2 | Server | Not affected | ||
| Red Hat Network Satellite Server v 5.3 | spacewalk-backend | Fixed | RHSA-2013:0848 | 21.05.2013 |
| Red Hat Network Satellite Server v 5.4 | spacewalk-backend | Fixed | RHSA-2013:0848 | 21.05.2013 |
| Red Hat Network Satellite Server v 5.5 | spacewalk-backend | Fixed | RHSA-2013:0848 | 21.05.2013 |
Показывать по
Дополнительная информация
Статус:
5 Medium
CVSS2
Связанные уязвимости
The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by skipping the initial authentication call.
The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by skipping the initial authentication call.
5 Medium
CVSS2