National Vulnerability Database

Search Results

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:redhat:satellite:5.3
There are 5 matching records.
Vuln ID Summary CVSS Severity
CVE-2019-3845

A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite (or Capsule) can use this flaw to access QMF methods to any host also registered to Satellite (or Capsule) and execute privileged commands.

Published: April 11, 2019; 11:29:00 AM -04:00
V3.0: 8.0 HIGH
    V2: 5.2 MEDIUM
CVE-2017-7513

It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially crafted X.509 certificate.

Published: August 22, 2018; 11:29:00 AM -04:00
V3.0: 5.4 MEDIUM
    V2: 5.8 MEDIUM
CVE-2017-7514

A cross-site scripting (XSS) flaw was found in how the failed action entry is processed in Red Hat Satellite before version 5.8.0. A user able to specify a failed action could exploit this flaw to perform XSS attacks against other Satellite users.

Published: July 30, 2018; 11:29:00 AM -04:00
V3.0: 5.4 MEDIUM
    V2: 3.5 LOW
CVE-2017-12175

Red Hat Satellite before 6.5 is vulnerable to an XSS in the discovery rule when entering a filter and using the autocomplete functionality.

Published: July 26, 2018; 01:29:00 PM -04:00
V3.0: 5.4 MEDIUM
    V2: 3.5 LOW
CVE-2017-7538

A cross-site scripting (XSS) flaw was found in how an organization name is displayed in Satellite 5, before 5.8. A user able to change an organization's name could exploit this flaw to perform XSS attacks against other Satellite users.

Published: July 26, 2018; 11:29:00 AM -04:00
V3.0: 5.4 MEDIUM
    V2: 3.5 LOW