CVE-2013-2056

critical

Description

The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by skipping the initial authentication call.

References

http://www.osvdb.org/93566

http://secunia.com/advisories/53487

http://rhn.redhat.com/errata/RHSA-2013-0848.html

Details

Source: Mitre, NVD

Published: 2013-07-31

Updated: 2022-02-03

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics