CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7513

It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially crafted X.509 certificate.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.0%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 5.8

References

Products affected by CVE-2017-7513

Redhat » Satellite » Version: 5.0

cpe:2.3:a:redhat:satellite:5.0
Redhat » Satellite » Version: 5.1.1

cpe:2.3:a:redhat:satellite:5.1.1
Redhat » Satellite » Version: 5.2

cpe:2.3:a:redhat:satellite:5.2
Redhat » Satellite » Version: 5.3

cpe:2.3:a:redhat:satellite:5.3
Redhat » Satellite » Version: 5.4

cpe:2.3:a:redhat:satellite:5.4
Redhat » Satellite » Version: 5.4.1

cpe:2.3:a:redhat:satellite:5.4.1
Redhat » Satellite » Version: 5.5

cpe:2.3:a:redhat:satellite:5.5
Redhat » Satellite » Version: 5.6

cpe:2.3:a:redhat:satellite:5.6
Redhat » Satellite » Version: 5.7

cpe:2.3:a:redhat:satellite:5.7
Redhat » Satellite » Version: 5.8

cpe:2.3:a:redhat:satellite:5.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7513

Products

Pricing

Contact Us