Katello allows remote authenticated users to call the "system remove_deletion" CLI command via vectors related to "remove system" permissions.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=991318 | Issue Tracking Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=991318 | Issue Tracking Vendor Advisory |
Configurations
History
21 Nov 2024, 01:55
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugzilla.redhat.com/show_bug.cgi?id=991318 - Issue Tracking, Vendor Advisory |
Information
Published : 2018-05-01 19:29
Updated : 2024-11-21 01:55
NVD link : CVE-2013-4201
Mitre link : CVE-2013-4201
CVE.ORG link : CVE-2013-4201
JSON object : View
Products Affected
katello
- katello
CWE
CWE-275
Permission Issues