Account Takeover Vulnerability in Red Hat Satellite 6.7.2 and Later Versions

Account Takeover Vulnerability in Red Hat Satellite 6.7.2 and Later Versions

CVE-2020-14380 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

An account takeover flaw was found in Red Hat Satellite 6.7.2 onward. A potential attacker with proper authentication to the relevant external authentication source (SSO or Open ID) can claim the privileges of already existing local users of Satellite.

Learn more about our External Network Penetration Testing.