CVE-2013-4480
Red Hat Satellite < 5.6 - Unauthenticated Administrator Account Creation
Title source: llmDescription
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.
References (5)
Core 5
Core References
Issue Tracking, Vendor Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1024614
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1514.html
Vendor Advisory x_refsource_confirm
https://access.redhat.com/site/articles/539283
Mailing List, Patch, Vendor Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00009.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1513.html
Scores
EPSS
0.0070
EPSS Percentile
72.3%
Details
CWE
CWE-668
Status
published
Products (8)
redhat/network_satellite
< 5.6
redhat/satellite
< 5.6
redhat/satellite_with_embedded_oracle
5.2
redhat/satellite_with_embedded_oracle
5.3
redhat/satellite_with_embedded_oracle
5.4
redhat/satellite_with_embedded_oracle
5.5
suse/linux_enterprise
11.0 sp2
suse/manager
1.7
Published
Nov 18, 2013
Tracked Since
Feb 18, 2026