Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Satellite_with_embedded_oracle
(Redhat)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2013-11-18 | CVE-2013-4480 | Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts. | Network_satellite, Satellite, Satellite_with_embedded_oracle, Linux_enterprise, Manager | N/A | ||
| 2014-11-03 | CVE-2014-3654 | Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.5 and 5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) kickstart/cobbler/CustomSnippetList.do, (2) channels/software/Entitlements.do, or (3) admin/multiorg/OrgUsers.do. | Satellite, Satellite_with_embedded_oracle, Spacewalk\-Java, Manager, Manager_server | N/A | ||
| 2012-06-16 | CVE-2012-1717 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux. | Jdk, Jre, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_from_rhui, Enterprise_linux_workstation, Icedtea6, Satellite_with_embedded_oracle, Linux_enterprise_desktop, Linux_enterprise_java, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
| 2014-09-22 | CVE-2014-3595 | Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not properly handled when logging. | Satellite, Satellite_with_embedded_oracle, Spacewalk\-Java, Manager, Manager_server | N/A |