Vulnerability Details CVE-2013-4480
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00009.html
- http://rhn.redhat.com/errata/RHSA-2013-1513.html
- http://rhn.redhat.com/errata/RHSA-2013-1514.html
- https://access.redhat.com/site/articles/539283
- https://bugzilla.redhat.com/show_bug.cgi?id=1024614
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00009.html
- http://rhn.redhat.com/errata/RHSA-2013-1513.html
- http://rhn.redhat.com/errata/RHSA-2013-1514.html
- https://access.redhat.com/site/articles/539283
- https://bugzilla.redhat.com/show_bug.cgi?id=1024614
Products affected by CVE-2013-4480
-
cpe:2.3:a:redhat:network_satellite:-
-
cpe:2.3:a:redhat:network_satellite:3.7
-
cpe:2.3:a:redhat:network_satellite:4.0
-
cpe:2.3:a:redhat:network_satellite:4.1
-
cpe:2.3:a:redhat:network_satellite:4.2
-
cpe:2.3:a:redhat:network_satellite:5.0
-
cpe:2.3:a:redhat:network_satellite:5.1
-
cpe:2.3:a:redhat:network_satellite:5.2
-
cpe:2.3:a:redhat:network_satellite:5.3
-
cpe:2.3:a:redhat:network_satellite:5.4
-
cpe:2.3:a:redhat:network_satellite:5.5
-
cpe:2.3:a:redhat:network_satellite:5.6
-
cpe:2.3:a:redhat:satellite:3.7
-
cpe:2.3:a:redhat:satellite:4.0
-
cpe:2.3:a:redhat:satellite:4.1
-
cpe:2.3:a:redhat:satellite:4.2
-
cpe:2.3:a:redhat:satellite:5
-
cpe:2.3:a:redhat:satellite:5.0
-
cpe:2.3:a:redhat:satellite:5.1
-
cpe:2.3:a:redhat:satellite:5.1.1
-
cpe:2.3:a:redhat:satellite:5.2
-
cpe:2.3:a:redhat:satellite:5.3
-
cpe:2.3:a:redhat:satellite:5.4
-
cpe:2.3:a:redhat:satellite:5.4.1
-
cpe:2.3:a:redhat:satellite:5.5
-
cpe:2.3:a:redhat:satellite:5.6
-
cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.2
-
cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.3
-
cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.4
-
cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.5
-
cpe:2.3:a:suse:manager:1.7
-
cpe:2.3:o:suse:linux_enterprise:11.0