Shodan
Vulnerabilities
Vulnerable Software
Redhat:  >> Satellite  >> 6.0  Security Vulnerabilities
CVE-2020-14371
A credential leak vulnerability was found in Red Hat Satellite. This flaw exposes the compute resources credentials through VMs that are running on these resources in Satellite.
CVSS Score
6.5
EPSS Score
0.003
Published
2021-06-02
CVE-2020-14335
A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-06-02
CVE-2021-3413
A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azure_rm in versions before 2.2.0. A credential leak was identified which will expose Azure Resource Manager's secret key through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS Score
6.3
EPSS Score
0.003
Published
2021-04-08
CVE-2021-20256
A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS Score
5.3
EPSS Score
0.001
Published
2021-02-23
CVE-2020-14334
A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could help attacker to gain complete control of the Satellite instance.
CVSS Score
8.8
EPSS Score
0.001
Published
2020-07-31
CVE-2012-6685
Nokogiri before 1.5.4 is vulnerable to XXE attacks
CVSS Score
7.5
EPSS Score
0.003
Published
2020-02-19
CVE-2014-3590
Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action. Therefore, an attacker can log out a user by having them view specially crafted content.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-01-02
CVE-2014-0241
rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable
CVSS Score
5.5
EPSS Score
0.001
Published
2019-12-13
CVE-2013-2101
Katello has multiple XSS issues in various entities
CVSS Score
5.4
EPSS Score
0.003
Published
2019-12-03
CVE-2013-6460
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
CVSS Score
6.5
EPSS Score
0.025
Published
2019-11-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved