Red Hat Satellite 6 Vulnerability in System Registration and Hostname Reset
CVE-2017-15136

2.7LOW

Key Information:

Vendor: Red Hat
Status: Satellite 6
Vendor: CVE Published:; 27 February 2018

Summary

A vulnerability exists in Red Hat Satellite 6 that can lead to a loss of access to updates, including important security updates. This issue arises when a new system is registered and activated, and then its hostname is changed to that of a previously registered system. As a result of this conflict, the previously registered system loses its access to updates, posing a significant risk to system security.

Affected Version(s)

Satellite 6 6.3.0

References

http://www.securityfocus.com/bid/103210

vdb-entryx_refsource_BID

https://bugzilla.redhat.com/show_bug.cgi?id=1540343

x_refsource_CONFIRM

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2018
Vulnerability Reserved
Oct 8, 2017