The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by skipping the initial authentication call.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2013-0848.html | Vendor Advisory |
http://secunia.com/advisories/53487 | Vendor Advisory |
http://www.osvdb.org/93566 | |
http://rhn.redhat.com/errata/RHSA-2013-0848.html | Vendor Advisory |
http://secunia.com/advisories/53487 | Vendor Advisory |
http://www.osvdb.org/93566 |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:50
Type | Values Removed | Values Added |
---|---|---|
References | () http://rhn.redhat.com/errata/RHSA-2013-0848.html - Vendor Advisory | |
References | () http://secunia.com/advisories/53487 - Vendor Advisory | |
References | () http://www.osvdb.org/93566 - |
Information
Published : 2013-07-31 13:20
Updated : 2024-11-21 01:50
NVD link : CVE-2013-2056
Mitre link : CVE-2013-2056
CVE.ORG link : CVE-2013-2056
JSON object : View
Products Affected
redhat
- satellite
CWE
CWE-287
Improper Authentication