Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Satellite
Total 214 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-0119 1 Redhat 2 Enterprise Linux, Satellite 2024-05-03 N/A 5.4 MEDIUM
A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, and obtain user credentials.
CVE-2023-0118 2 Redhat, Theforeman 3 Enterprise Linux, Satellite, Foreman 2024-05-03 N/A 9.1 CRITICAL
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.
CVE-2023-44487 32 Akka, Amazon, Apache and 29 more 310 Http Server, Opensearch Data Prepper, Apisix and 307 more 2024-04-26 N/A 7.5 HIGH
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2023-5189 1 Redhat 2 Ansible Automation Platform, Satellite 2024-04-25 N/A 6.5 MEDIUM
A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten.
CVE-2023-4320 1 Redhat 1 Satellite 2024-04-25 N/A 7.5 HIGH
An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity.
CVE-2023-4886 2 Redhat, Theforeman 2 Satellite, Foreman 2024-03-01 N/A 4.4 MEDIUM
A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.
CVE-2017-15100 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2024-02-15 4.3 MEDIUM 6.1 MEDIUM
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: (1) Facts page, when clicking on the "chart" button and hovering over the chart; (2) Trends page, when checking the graph for a trend based on a such fact; (3) Statistics page, for facts that are aggregated on this page.
CVE-2008-2369 1 Redhat 1 Satellite 2024-02-13 6.4 MEDIUM 9.1 CRITICAL
manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements.
CVE-2017-2667 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Hammer Cli 2024-01-26 6.8 MEDIUM 8.1 HIGH
Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verify_ssl flag for apipie-bindings that disable it by default. As a result the server certificates are not checked and connections are prone to man-in-the-middle attacks.
CVE-2016-10165 6 Canonical, Debian, Littlecms and 3 more 19 Ubuntu Linux, Debian Linux, Little Cms Color Engine and 16 more 2024-01-10 5.8 MEDIUM 7.1 HIGH
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
CVE-2022-3874 2 Redhat, Theforeman 2 Satellite, Foreman 2023-12-10 N/A 9.1 CRITICAL
A command injection flaw was found in foreman. This flaw allows an authenticated user with admin privileges on the foreman instance to transpile commands through CoreOS and Fedora CoreOS configurations in templates, possibly resulting in arbitrary command execution on the underlying operating system.
CVE-2023-0462 2 Redhat, Theforeman 2 Satellite, Foreman 2023-12-10 N/A 9.1 CRITICAL
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload.
CVE-2023-1832 2 Candlepinproject, Redhat 2 Candlepin, Satellite 2023-12-10 N/A 8.1 HIGH
An improper access control flaw was found in Candlepin. An attacker can create data scoped under another customer/tenant, which can result in loss of confidentiality and availability for the affected customer/tenant.
CVE-2022-4130 1 Redhat 1 Satellite 2023-12-10 N/A 4.5 MEDIUM
A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.
CVE-2021-3590 2 Redhat, Theforeman 2 Satellite, Foreman 2023-12-10 N/A 8.8 HIGH
A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2015-1931 3 Ibm, Redhat, Suse 8 Java Sdk, Enterprise Linux Desktop, Enterprise Linux Eus and 5 more 2023-12-10 N/A 5.5 MEDIUM
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file.
CVE-2021-3414 1 Redhat 1 Satellite 2023-12-10 N/A 8.1 HIGH
A flaw was found in satellite. When giving granular permission related to the organization, other permissions allowing a user to view and manage other organizations are also granted. The highest threat from this vulnerability is to data confidentiality.
CVE-2022-3644 2 Pulpproject, Redhat 4 Pulp Ansible, Ansible Automation Platform, Satellite and 1 more 2023-12-10 N/A 5.5 MEDIUM
The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API () instead of marking it as write only.
CVE-2021-3589 2 Redhat, Theforeman 2 Satellite, Foreman Ansible 2023-12-10 6.5 MEDIUM 8.0 HIGH
An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-44420 5 Canonical, Debian, Djangoproject and 2 more 5 Ubuntu Linux, Debian Linux, Django and 2 more 2023-12-10 7.5 HIGH 7.3 HIGH
In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.