Network Satellite

network_satellite

Vendor: Redhat • 10 CVEs

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-8162 2Redhat Suse 2Manager Network Satellite May 6, 2026 May 14, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vecto...Show more XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors.Show less
CVE-2014-7811 2Redhat Suse 3Manager Network SatelliteSpacewalk May 6, 2026 Jan 15, 2015 N/A· v4 N/A· v3 3.5 LOW· v2 Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST A...Show more Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API.Show less
CVE-2013-2143 2Redhat Theforeman 2Katello Network Satellite May 6, 2026 Apr 17, 2014 N/A· v4 N/A· v3 6.5 MEDIUM· v2 The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account...Show more The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account.Show less
CVE-2011-3344 1Redhat 2Network Satellite Spacewalk Apr 29, 2026 Feb 5, 2014 N/A· v4 5.4 MEDIUM· v3 4.3 MEDIUM· v2 A flaw was found in Spacewalk. A remote attacker can exploit a cross-site scripting (XSS) vulnerability in the Lookup Login/Password form by injecting arbitrary web script or HTML via the URI. This can lead to informatio...Show more A flaw was found in Spacewalk. A remote attacker can exploit a cross-site scripting (XSS) vulnerability in the Lookup Login/Password form by injecting arbitrary web script or HTML via the URI. This can lead to information disclosure or unauthorized actions within the user's browser session.Show less
CVE-2011-2927 1Redhat 2Network Satellite Spacewalk Apr 29, 2026 Feb 5, 2014 N/A· v4 5.4 MEDIUM· v3 4.3 MEDIUM· v2 A flaw was found in Spacewalk and Red Hat Network Satellite. This vulnerability, known as cross-site scripting (XSS), allows remote attackers to inject malicious web scripts or HTML into web pages viewed by other users....Show more A flaw was found in Spacewalk and Red Hat Network Satellite. This vulnerability, known as cross-site scripting (XSS), allows remote attackers to inject malicious web scripts or HTML into web pages viewed by other users. The flaw is triggered through vectors related to Search forms, enabling attackers to potentially steal sensitive information or perform actions on behalf of the victim.Show less
CVE-2011-2920 1Redhat 2Network Satellite Spacewalk Apr 29, 2026 Feb 5, 2014 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A flaw was found in Spacewalk and Red Hat Network Satellite. This cross-site scripting (XSS) vulnerability allows a remote attacker to inject arbitrary web script or HTML into web pages through various input fields, such...Show more A flaw was found in Spacewalk and Red Hat Network Satellite. This cross-site scripting (XSS) vulnerability allows a remote attacker to inject arbitrary web script or HTML into web pages through various input fields, such as the "Filter by Synopsis" field. This could lead to the execution of malicious code in a user's web browser, potentially compromising user sessions or disclosing sensitive information.Show less
CVE-2011-2919 1Redhat 2Network Satellite Spacewalk Apr 29, 2026 Feb 5, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page.
CVE-2011-1594 1Redhat 2Network Satellite Spacewalk Apr 29, 2026 Feb 5, 2014 N/A· v4 6.5 MEDIUM· v3 5.8 MEDIUM· v2 A flaw was found in Spacewalk, as used in Red Hat Network Satellite. This open redirect vulnerability allows remote attackers to redirect users to arbitrary web sites by manipulating a URL in the url_bounce parameter. Th...Show more A flaw was found in Spacewalk, as used in Red Hat Network Satellite. This open redirect vulnerability allows remote attackers to redirect users to arbitrary web sites by manipulating a URL in the url_bounce parameter. This can enable attackers to conduct phishing attacks, potentially leading to unauthorized information disclosure or credential theft.Show less
CVE-2013-4480 2Redhat Suse 5Linux Enterprise ManagerNetwork Satellite+2 more Apr 29, 2026 Nov 18, 2013 N/A· v4 N/A· v3 7.5 HIGH· v2 Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.
CVE-2007-5961 1Redhat 1Network Satellite Apr 23, 2026 May 23, 2008 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in RHN and Red Hat Network Satellite before 5.0.2, allows remote attackers to inject arbitrary web script or HTML via unknow...Show more Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in RHN and Red Hat Network Satellite before 5.0.2, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.Show less