Smart Class Feature Allows Unauthorized Configuration Changes in Red Hat Satellite 6

Smart Class Feature Allows Unauthorized Configuration Changes in Red Hat Satellite 6

CVE-2018-14666 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

An improper authorization flaw was found in the Smart Class feature of Foreman. An attacker can use it to change configuration of any host registered in Red Hat Satellite, independent of the organization the host belongs to. This flaw affects all Red Hat Satellite 6 versions.

Learn more about our Web Application Penetration Testing UK.