CVE-2013-2056

The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by skipping the initial authentication call.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:satellite:5.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:5.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:5.5:*:*:*:*:*:*:*

History

21 Nov 2024, 01:50

Type Values Removed Values Added
References () http://rhn.redhat.com/errata/RHSA-2013-0848.html - Vendor Advisory () http://rhn.redhat.com/errata/RHSA-2013-0848.html - Vendor Advisory
References () http://secunia.com/advisories/53487 - Vendor Advisory () http://secunia.com/advisories/53487 - Vendor Advisory
References () http://www.osvdb.org/93566 - () http://www.osvdb.org/93566 -

Information

Published : 2013-07-31 13:20

Updated : 2024-11-21 01:50


NVD link : CVE-2013-2056

Mitre link : CVE-2013-2056

CVE.ORG link : CVE-2013-2056


JSON object : View

Products Affected

redhat

  • satellite
CWE
CWE-287

Improper Authentication