PT-2014-2079 · Red Hat · Spacewalk-Java+2
Jan Lieskovsky
·
Publicado
2014-04-15
·
Atualizado
2022-02-03
·
CVE-2010-2236
CVSS v2.0
6.0
Média
| Vetor | AV:N/AC:M/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
spacewalk-java versions prior to 2.1.148-1
Red Hat Network (RHN) Satellite versions 4.0.0 through 4.2.0
Red Hat Network (RHN) Satellite versions 5.1.0 through 5.3.0
Proxy version 5.3.0
Description
The issue allows remote authenticated users with permissions to administer monitoring probes to execute arbitrary code via unspecified vectors, related to backticks.
Recommendations
For spacewalk-java versions prior to 2.1.148-1, update to version 2.1.148-1 or later.
For Red Hat Network (RHN) Satellite versions 4.0.0 through 4.2.0, update to a version outside of this range.
For Red Hat Network (RHN) Satellite versions 5.1.0 through 5.3.0, update to a version outside of this range.
For Proxy version 5.3.0, update to a version other than 5.3.0.
Exploit
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Proxy
Red Hat Network Satellite
Spacewalk-Java