Redhat Network_satellite
9 CVEs affecting Redhat Network_satellite. Latest disclosed: 2015-05-14. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2011-1594 | Medium | 6.5 | 2014-02-05 | A flaw was found in Spacewalk, as used in Red Hat Network Satellite. This open redirect vulnerability allows remote attackers to redirect users to arbitrary we… |
CVE-2011-2920 | Medium | 5.5 | 2014-02-05 | A flaw was found in Spacewalk and Red Hat Network Satellite. This cross-site scripting (XSS) vulnerability allows a remote attacker to inject arbitrary web scr… |
CVE-2011-3344 | Medium | 5.4 | 2014-02-05 | A flaw was found in Spacewalk. A remote attacker can exploit a cross-site scripting (XSS) vulnerability in the Lookup Login/Password form by injecting arbitrar… |
CVE-2011-2927 | Medium | 5.4 | 2014-02-05 | A flaw was found in Spacewalk and Red Hat Network Satellite. This vulnerability, known as cross-site scripting (XSS), allows remote attackers to inject malicio… |
CVE-2014-8162 | | 2015-05-14 | XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files… | |
CVE-2014-7811 | | 2015-01-15 | Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject ar… | |
CVE-2013-2143 | | 2014-04-17 | The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote auth… | |
CVE-2011-2919 | | 2014-02-05 | Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script o… | |
CVE-2013-4480 | | 2013-11-18 | Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to cr… |