manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2008-0630.html | Vendor Advisory |
http://secunia.com/advisories/31493 | Broken Link |
http://securitytracker.com/id?1020694 | Broken Link Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/30679 | Broken Link Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/44452 | Third Party Advisory VDB Entry |
Configurations
History
13 Feb 2024, 16:46
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.4
v3 : 9.1 |
References | () http://securitytracker.com/id?1020694 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/30679 - Broken Link, Third Party Advisory, VDB Entry |
03 Feb 2022, 19:57
Type | Values Removed | Values Added |
---|---|---|
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2008-0630.html - Vendor Advisory | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/44452 - Third Party Advisory, VDB Entry | |
References | (SECTRACK) http://securitytracker.com/id?1020694 - Third Party Advisory, VDB Entry | |
References | (BID) http://www.securityfocus.com/bid/30679 - Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/31493 - Broken Link | |
CWE | CWE-798 | |
First Time |
Redhat satellite
Redhat |
|
CPE | cpe:2.3:a:red_hat:network_satellite_server:4.1.2:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:5.1.0:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:3:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:4.1:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:2.7:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:2:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:4.0.5:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:4.1.5:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:4.0.6:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:3.4:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:2.6:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:4.0.2:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:5:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:3.7.2:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:3.2:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:3.7:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:4:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:2.0.1:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:3.6:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:4.2:*:*:*:*:*:*:* cpe:2.3:a:red_hat:network_satellite_server:4.0.7:*:*:*:*:*:*:* |
cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:* |
Information
Published : 2008-08-14 20:41
Updated : 2024-02-13 16:46
NVD link : CVE-2008-2369
Mitre link : CVE-2008-2369
CVE.ORG link : CVE-2008-2369
JSON object : View
Products Affected
redhat
- satellite
CWE
CWE-798
Use of Hard-coded Credentials