← Back

CVE-2013-4480

nvd nist
Published: Nov 18, 2013Modified: Apr 29, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.

Affected (8)

Redhat
3 products
Network Satellite
Satellite
Satellite With Embedded Oracle
Suse
2 products
Linux Enterprise
Manager
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Network Satellite
Up to 5.6
Satellite
Up to 5.6
Redhat
Satellite With Embedded Oracle
Version 5.2
Satellite With Embedded Oracle
Version 5.3
Satellite With Embedded Oracle
Version 5.4
Satellite With Embedded Oracle
Version 5.5
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Linux Enterprise
Version 11.0 sp2
Manager
Version 1.7

Related CWEs

CWE-668
Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

References (10)

Source: secalert@redhat.com
Mailing ListPatchVendor Advisory
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Issue TrackingVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingVendor Advisory

Timeline

No history available yet.