How does CVE-2020-10716 affect Red Hat Satellite?

CVE-2020-10716 affects Red Hat Satellite 6.7 and Red Hat Satellite Capsule 6.7.

What is the severity of CVE-2020-10716?

CVE-2020-10716 has a severity rating of medium with a CVSS score of 6.5.

How can I fix CVE-2020-10716?

To fix CVE-2020-10716, upgrade to tfm-rubygem-foreman_ansible version 4.0.3.4 or apply the necessary updates from Red Hat.

Where can I find more information about CVE-2020-10716?

More information about CVE-2020-10716 can be found in the references provided: [1], [2], [3].

Vulnerability/
CVE-2020-10716

medium

6.5

CWE

285

23/4/2020

27/5/2021

21/10/2022

CVE-2020-10716

Q: What is CVE-2020-10716?

CVE-2020-10716 is a vulnerability found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted, allowing a malicious user to search for passwords and sensitive data.

First published: Thu Apr 23 2020(Updated: )

A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data. This flaw affects tfm-rubygem-foreman_ansible versions before 4.0.3.4.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/tfm-rubygem-foreman_ansible	<4.0.3.4	4.0.3.4
Red Hat Network Satellite Server	=6.7
Redhat Satellite Capsule	=6.7
Theforeman Foreman Ansible	<4.0.3.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2020-10716?
CVE-2020-10716 is a vulnerability found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted, allowing a malicious user to search for passwords and sensitive data.
How does CVE-2020-10716 affect Red Hat Satellite?
CVE-2020-10716 affects Red Hat Satellite 6.7 and Red Hat Satellite Capsule 6.7.
What is the severity of CVE-2020-10716?
CVE-2020-10716 has a severity rating of medium with a CVSS score of 6.5.
How can I fix CVE-2020-10716?
To fix CVE-2020-10716, upgrade to tfm-rubygem-foreman_ansible version 4.0.3.4 or apply the necessary updates from Red Hat.
Where can I find more information about CVE-2020-10716?
More information about CVE-2020-10716 can be found in the references provided: [1], [2], [3].

collector/redhat-bugzilla
alias/CVE-2020-10716
agent/author
agent/references
agent/type
agent/event
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
agent/severity
agent/weakness
package-manager/redhat
vendor/redhat
canonical/red hat network satellite server
version/red hat network satellite server/6.7
canonical/redhat satellite capsule
version/redhat satellite capsule/6.7
vendor/theforeman
canonical/theforeman foreman ansible

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.