First published: Fri Jul 17 2020(Updated: )
Red Hat Satellite 6 allows local user of Smart-Proxy system to read OMAPI interface secret. Local user using the ISC DHCP server can read object mapping API (OMAPI) secret, as by default it listens on all interfaces for OMAPI interfaction.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/foreman | <0:2.3.1.20-1.el7 | 0:2.3.1.20-1.el7 |
Redhat Satellite | =6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-14335 is a vulnerability found in Red Hat Satellite that allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy.
CVE-2020-14335 can result in a loss of system availability.
CVE-2020-14335 has a severity level of 5.8 (medium).
Red Hat Satellite 2.3.1.20-1.el7 is affected by CVE-2020-14335.
To fix CVE-2020-14335, it is recommended to apply the appropriate patches provided by Red Hat.