The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin.
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2021-4142 | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2034346 | Issue Tracking Vendor Advisory |
https://github.com/candlepin/candlepin/pull/3197 | Patch Third Party Advisory |
https://github.com/candlepin/candlepin/pull/3198 | Third Party Advisory |
https://github.com/candlepin/candlepin/pull/3199 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2022-08-24T15:09:56
Updated: 2022-08-24T15:09:56
Reserved: 2021-12-20T00:00:00
Link: CVE-2021-4142
JSON object: View
NVD Information
Status : Modified
Published: 2022-08-24T16:15:09.547
Modified: 2023-11-07T03:40:15.473
Link: CVE-2021-4142
JSON object: View
Redhat Information
No data.