This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 2021-05-27
Product Satellite Last view 2023-12-18
Version 6.7 Type Application
Update -  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:redhat:satellite

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2023-12-18 CVE-2023-4320

An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity.

8.1 2022-08-26 CVE-2021-3414

A flaw was found in satellite. When giving granular permission related to the organization, other permissions allowing a user to view and manage other organizations are also granted. The highest threat from this vulnerability is to data confidentiality.

6.5 2021-05-27 CVE-2020-10716

A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data. This flaw affects tfm-rubygem-foreman_ansible versions before 4.0.3.4.

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-613 Insufficient Session Expiration
50% (1) CWE-281 Improper Preservation of Permissions