PT-2022-11396 · Red Hat+1 · Red Hat Satellite+1

Yadnyawalk Tale

Published

2022-07-05

Updated

2023-02-12

CVE-2021-4142

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Red Hat Satellite (affected versions not specified)

Description The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

IDOR

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-639CWE-287

Related Identifiers

CVE-2021-4142

RHSA-2022:0790

RHSA-2022:5498

RLSA-2022:5498

Affected Products

Red Hat Satellite

Rocky Linux

PT-2022-11396 · Red Hat+1 · Red Hat Satellite+1

CVE-2021-4142

Weakness Enumeration

Related Identifiers

Affected Products

References · 483