Shodan
Vulnerabilities
Vulnerable Software
Redhat:  >> Network Satellite  Security Vulnerabilities
CVE-2014-8162
XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors.
CVSS Score
7.5
EPSS Score
0.008
Published
2015-05-14
CVE-2014-7811
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API.
CVSS Score
3.5
EPSS Score
0.002
Published
2015-01-15
CVE-2013-2143
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account.
CVSS Score
6.5
EPSS Score
0.64
Published
2014-04-17
CVE-2011-3344
Cross-site scripting (XSS) vulnerability in the Lookup Login/Password form in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the URI.
CVSS Score
4.3
EPSS Score
0.004
Published
2014-02-05
CVE-2011-2919
Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-02-05
CVE-2011-2920
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via the "Filter by Synopsis" field and other unspecified filter forms.
CVSS Score
4.3
EPSS Score
0.004
Published
2014-02-05
CVE-2011-2927
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via vectors related to Search forms.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-02-05
CVE-2011-1594
Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url_bounce parameter.
CVSS Score
5.8
EPSS Score
0.003
Published
2014-02-05
CVE-2013-4480
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.
CVSS Score
7.5
EPSS Score
0.007
Published
2013-11-18
CVE-2007-5961
Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in RHN and Red Hat Network Satellite before 5.0.2, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2008-05-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved