CVE-2020-10716
published 2021-05-27CVE-2020-10716: A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious…
medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data. This flaw affects tfm-rubygem-foreman_ansible versions before 4.0.3.4.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | satellite | — | — |
| redhat | satellite_capsule | — | — |
| theforeman | foreman_ansible | < 4.0.3.4 | 4.0.3.4 |