Summary
Detail | |||
---|---|---|---|
Vendor | Redhat | First view | 2007-03-29 |
Product | Satellite | Last view | 2023-12-18 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2023-12-18 | CVE-2023-4320 | An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity. |
6.5 | 2023-11-14 | CVE-2023-5189 | A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten. |
7.5 | 2023-10-10 | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
8.1 | 2023-10-04 | CVE-2023-1832 | An improper access control flaw was found in Candlepin. An attacker can create data scoped under another customer/tenant, which can result in loss of confidentiality and availability for the affected customer/tenant. |
4.4 | 2023-10-03 | CVE-2023-4886 | A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable. |
9.1 | 2023-09-22 | CVE-2022-3874 | A command injection flaw was found in foreman. This flaw allows an authenticated user with admin privileges on the foreman instance to transpile commands through CoreOS and Fedora CoreOS configurations in templates, possibly resulting in arbitrary command execution on the underlying operating system. |
9.1 | 2023-09-20 | CVE-2023-0462 | An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload. |
5.4 | 2023-09-12 | CVE-2023-0119 | A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, and obtain user credentials. |
4.5 | 2022-12-16 | CVE-2022-4130 | A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server. |
5.5 | 2022-10-25 | CVE-2022-3644 | The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API () instead of marking it as write only. |
5.5 | 2022-09-29 | CVE-2015-1931 | IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file. |
8.1 | 2022-08-26 | CVE-2021-3414 | A flaw was found in satellite. When giving granular permission related to the organization, other permissions allowing a user to view and manage other organizations are also granted. The highest threat from this vulnerability is to data confidentiality. |
8.8 | 2022-08-22 | CVE-2021-3590 | A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
8 | 2022-03-23 | CVE-2021-3589 | An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
6.6 | 2021-12-16 | CVE-2021-42550 | In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers. |
7.5 | 2021-06-02 | CVE-2020-14380 | An account takeover flaw was found in Red Hat Satellite 6.7.2 onward. A potential attacker with proper authentication to the relevant external authentication source (SSO or Open ID) can claim the privileges of already existing local users of Satellite. |
6.5 | 2021-06-02 | CVE-2020-14371 | A credential leak vulnerability was found in Red Hat Satellite. This flaw exposes the compute resources credentials through VMs that are running on these resources in Satellite. |
5.5 | 2021-06-02 | CVE-2020-14335 | A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability. |
6.5 | 2021-05-27 | CVE-2020-10716 | A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data. This flaw affects tfm-rubygem-foreman_ansible versions before 4.0.3.4. |
6.3 | 2021-04-08 | CVE-2021-3413 | A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azure_rm in versions before 2.2.0. A credential leak was identified which will expose Azure Resource Manager's secret key through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
5.3 | 2021-02-23 | CVE-2021-20256 | A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
8.8 | 2020-07-31 | CVE-2020-14334 | A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could help attacker to gain complete control of the Satellite instance. |
5.3 | 2020-05-06 | CVE-2020-10693 | A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages. |
7.5 | 2020-02-19 | CVE-2012-6685 | Nokogiri before 1.5.4 is vulnerable to XXE attacks |
6.5 | 2020-01-02 | CVE-2014-3590 | Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action. Therefore, an attacker can log out a user by having them view specially crafted content. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
23% (24) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
7% (8) | CWE-200 | Information Exposure |
6% (7) | CWE-20 | Improper Input Validation |
3% (4) | CWE-269 | Improper Privilege Management |
3% (4) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
2% (3) | CWE-776 | Unrestricted Recursive Entity References in DTDs ('XML Bomb') |
2% (3) | CWE-522 | Insufficiently Protected Credentials |
2% (3) | CWE-502 | Deserialization of Untrusted Data |
2% (3) | CWE-287 | Improper Authentication |
2% (3) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
1% (2) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
1% (2) | CWE-319 | Cleartext Transmission of Sensitive Information |
1% (2) | CWE-306 | Missing Authentication for Critical Function |
1% (2) | CWE-295 | Certificate Issues |
1% (2) | CWE-284 | Access Control (Authorization) Issues |
1% (2) | CWE-264 | Permissions, Privileges, and Access Controls |
1% (2) | CWE-255 | Credentials Management |
0% (1) | CWE-798 | Use of Hard-coded Credentials |
0% (1) | CWE-770 | Allocation of Resources Without Limits or Throttling |
0% (1) | CWE-749 | Exposed Dangerous Method or Function |
0% (1) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
0% (1) | CWE-668 | Exposure of Resource to Wrong Sphere |
0% (1) | CWE-613 | Insufficient Session Expiration |
0% (1) | CWE-611 | Information Leak Through XML External Entity File Disclosure |
0% (1) | CWE-532 | Information Leak Through Log Files |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:8349 | Security Vulnerabilities in the Apache 2 "mod_perl2" Module Components "PerlR... |
oval:org.mitre.oval:def:10987 | PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl ... |
oval:org.mitre.oval:def:21702 | ELSA-2007:0395: mod_perl security update (Low) |
oval:org.mitre.oval:def:28927 | Vulnerability in IBM SDK Java JSSE affects AIX |
oval:org.mitre.oval:def:28880 | Vulnerability in IBM SDK Java JSSE affects AIX |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78359 | Spacewalk Registration Function XMLRPC Call Failure Remote Credentials Disclo... |
77576 | Red Hat Network Satellite Server Custom System Info Page Description Field XSS |
73568 | Red Hat Network Satellite Server comps.xml Channel File Obsolete XML-RPC API ... |
47801 | Red Hat Network Satellite Server manzier.pxt Authentication Key Weakness Remo... |
45765 | Red Hat Network Channel Search Feature Unspecified XSS |
34541 | mod_perl for Apache HTTP Server RegistryCooker.pm PATH_INFO Crafted URI Remot... |
34540 | mod_perl for Apache HTTP Server PerlRun.pm PATH_INFO Crafted URI Remote DoS |
OpenVAS Exploits
id | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for mod_perl File : nvt/sles9p5019089.nasl |
2009-04-24 | Name : Mod_Perl Path_Info Remote Denial Of Service Vulnerability File : nvt/modperl_cve_2007_1349.nasl |
2009-04-09 | Name : Mandriva Update for apache-mod_perl MDKSA-2007:083 (apache-mod_perl) File : nvt/gb_mandriva_MDKSA_2007_083.nasl |
2009-03-23 | Name : Ubuntu Update for libapache2-mod-perl2 vulnerability USN-488-1 File : nvt/gb_ubuntu_USN_488_1.nasl |
2009-02-27 | Name : Fedora Update for mod_perl FEDORA-2007-0316 File : nvt/gb_fedora_2007_0316_mod_perl_fc7.nasl |
2009-02-27 | Name : Fedora Update for mod_perl FEDORA-2007-576 File : nvt/gb_fedora_2007_576_mod_perl_fc5.nasl |
2009-02-27 | Name : Fedora Update for mod_perl FEDORA-2007-577 File : nvt/gb_fedora_2007_577_mod_perl_fc6.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200705-04 (mod_perl) File : nvt/glsa_200705_04.nasl |
2008-09-04 | Name : FreeBSD Ports: mod_perl File : nvt/freebsd_mod_perl.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0199 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0061337 |
2015-A-0158 | Multiple Vulnerabilities in Oracle Java SE Severity: Category I - VMSKEY: V0061089 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45016 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45015 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45014 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45013 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45012 - Type : FILE-OTHER - Revision : 4 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45011 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45010 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45009 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45008 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45007 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45006 - Type : FILE-OTHER - Revision : 4 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45005 - Type : FILE-OTHER - Revision : 4 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45004 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45003 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45002 - Type : FILE-OTHER - Revision : 3 |
2017-04-12 | SSL/TLS weak RC4 cipher suite use attempt RuleID : 41907 - Type : POLICY-OTHER - Revision : 3 |
2016-04-05 | SSL/TLS weak RC4 cipher suite use attempt RuleID : 37916 - Type : POLICY-OTHER - Revision : 3 |
2016-04-05 | SSL/TLS weak RC4 cipher suite use attempt RuleID : 37915 - Type : POLICY-OTHER - Revision : 3 |
2016-04-05 | SSL/TLS weak RC4 cipher suite use attempt RuleID : 37914 - Type : POLICY-OTHER - Revision : 3 |
2016-04-05 | SSL/TLS weak RC4 cipher suite use attempt RuleID : 37913 - Type : POLICY-OTHER - Revision : 3 |
2016-04-05 | SSL/TLS weak RC4 cipher suite use attempt RuleID : 37912 - Type : POLICY-OTHER - Revision : 3 |
2016-03-14 | SSL/TLS weak RC4 cipher suite use attempt RuleID : 37026 - Type : POLICY-OTHER - Revision : 4 |
2016-03-14 | SSL/TLS weak RC4 cipher suite use attempt RuleID : 37025 - Type : POLICY-OTHER - Revision : 4 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-16 | Name: The remote database server is affected by multiple vulnerabilities File: mariadb_10_0_37.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-11b794d13f.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-1d2a79fe1c.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-22c609e92a.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-242f6c1a41.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-54a5bcc7e4.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-55b875c1ac.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-bf292e6cdf.nasl - Type: ACT_GATHER_INFO |
2018-12-28 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2018-1416.nasl - Type: ACT_GATHER_INFO |
2018-12-10 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2018-1386.nasl - Type: ACT_GATHER_INFO |
2018-12-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2018-1111.nasl - Type: ACT_GATHER_INFO |
2018-12-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1111.nasl - Type: ACT_GATHER_INFO |
2018-12-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1114.nasl - Type: ACT_GATHER_INFO |
2018-12-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1115.nasl - Type: ACT_GATHER_INFO |
2018-12-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1116.nasl - Type: ACT_GATHER_INFO |
2018-11-27 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZLSA-2017-1789.nasl - Type: ACT_GATHER_INFO |
2018-11-27 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZLSA-2017-2424.nasl - Type: ACT_GATHER_INFO |
2018-11-27 | Name: The remote Fedora host is missing a security update. File: fedora_2018-192148f4ff.nasl - Type: ACT_GATHER_INFO |
2018-11-23 | Name: The remote Debian host is missing a security update. File: debian_DLA-1590.nasl - Type: ACT_GATHER_INFO |
2018-11-21 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZLSA-2018-2942.nasl - Type: ACT_GATHER_INFO |
2018-11-21 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZLSA-2018-2943.nasl - Type: ACT_GATHER_INFO |
2018-11-21 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZLSA-2018-3409.nasl - Type: ACT_GATHER_INFO |
2018-11-21 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-3350.nasl - Type: ACT_GATHER_INFO |
2018-11-21 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-3409.nasl - Type: ACT_GATHER_INFO |
2018-11-21 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-3521.nasl - Type: ACT_GATHER_INFO |