CVE-2017-7513

Name of the Vulnerable Software and Affected Versions Satellite 5 (affected versions not specified)

Description A flaw was discovered in Satellite 5 where it fails to correctly validate the X.509 server certificate host name fields when configured with SSL/TLS for the PostgreSQL backend. This could allow a man-in-the-middle attacker to spoof a PostgreSQL server using a specially crafted X.509 certificate.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.