Theforeman Katello
2 CVEs affecting Theforeman Katello. Latest disclosed: 2014-04-17. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2012-3503 | Critical | 9.8 | 2012-08-25 | The installation script in Katello 1.0 and earlier does not properly generate the Application.config.secret_token value, which causes each default installation… |
CVE-2013-2143 | | 2014-04-17 | The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote auth… |