PT-2021-9722 · Red Hat · Red Hat Satellite
Published
2021-06-02
·
Updated
2023-02-12
·
CVE-2020-14380
CVSS v3.1
7.5
High
| Vector | AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Red Hat Satellite versions 6.7.2 and later
Description
A flaw was discovered that allows an account takeover. An attacker with proper authentication to an external authentication source, such as SSO or Open ID, can claim the privileges of existing local users.
Recommendations
For Red Hat Satellite versions 6.7.2 and later, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Red Hat Satellite