CVE-2019-3845HIGHCVSS 8.0vfixed in Satellite >= 6.2ยทvfixed in Satellite 6.1 - Optional+1 more2019-04-11
CVE-2019-3845 [HIGH] CWE-284 CVE-2019-3845: A lack of access control was found in the message queues maintained by Satellite's QPID broker and u
A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite (or Capsule) can use this flaw to access QMF methods to any host also registered to S
cvelistv5nvd