CVE-2013-2056

EPSS 0.33%
Veröffentlicht 31.07.2013 13:20:24
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by skipping the initial authentication call.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Redhat ≫ Satellite Version5.3

Redhat ≫ Satellite Version5.4

Redhat ≫ Satellite Version5.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.33%	0.557

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://rhn.redhat.com/errata/RHSA-2013-0848.html

Vendor Advisory

http://secunia.com/advisories/53487

Vendor Advisory

http://www.osvdb.org/93566

https://nvd.nist.gov/vuln/detail/CVE-2013-2056

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-2056

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-2056

EUVD