CVE-2014-8168Improper Access Control in Redhat Satellite

CWE-284Improper Access ControlCWE-862Missing Authorization5 documents5 sources
Severity
6.1MEDIUMNVD
EPSS
0.0%
top 90.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Satellite
Timeline
PublishedAug 28
Latest updateMay 17

Description

Red Hat Satellite 6 allows local users to access mongod and delete pulp_database.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:NExploitability: 1.8 | Impact: 4.2

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-5jjq-h8hf-79hx: Red Hat Satellite 6 allows local users to access mongod and delete pulp_database2022-05-17
CVEList
CVE-2014-8168: Red Hat Satellite 6 allows local users to access mongod and delete pulp_database2017-08-28

📋Vendor Advisories

1
Red Hat
Satellite: Local user can access MongoDB and delete database2015-02-18

💬Community

1
Bugzilla
CVE-2014-8168 Satellite: Local user can access MongoDB and delete database2015-02-13
CVE-2014-8168 — Improper Access Control in Redhat | cvebase