Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Katello和Red Hat Satellite 输入验证错误漏洞
Vulnerability Description
Katello和Red Hat Satellite都是系统管理产品。Katello是一款系统管理引擎,可提供配置管理、订阅管理和内容管理的工作流。Red Hat Satellite是美国红帽(Red Hat)公司的一套系统管理平台,可用于扩展Linux基础架构,并提供系统管理功能,如管理、配置和监控。 Katello 1.5.0-14及之前版本和Red Hat Satellite的用户控制器中存在安全漏洞,该漏洞源于程序对update_roles操作没有检查授权。远程攻击者可通过设置用户账户为管理员账户利
CVSS Information
N/A
Vulnerability Type
N/A