PT-2013-5035 · Red Hat · Red Hat Satellite
Andrew Spurrier
·
Published
2013-11-15
·
Updated
2023-02-13
·
CVE-2013-4480
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Red Hat Satellite versions 5.6 and earlier
Description
The issue allows remote attackers to create administrator accounts due to the web interface not being disabled.
Recommendations
For Red Hat Satellite versions 5.6 and earlier, disable the web interface used to create the first user for a satellite to prevent the creation of unauthorized administrator accounts.
Fix
Exposure of Resource to Wrong Sphere
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Red Hat Satellite