Known Vulnerabilities for Satellite by Redhat

Listed below are 10 of the newest known vulnerabilities associated with "Satellite" by "Redhat".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2021-42550 In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craf... 6.6 - MEDIUM 2021-12-16 2022-12-12
CVE-2021-20256 A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attac... 5.3 - MEDIUM 2021-02-23 2023-02-12
CVE-2021-3590 A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password throug... 8.8 - HIGH 2022-08-22 2022-08-26
CVE-2021-3589 An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansi... 8 - HIGH 2022-03-23 2023-02-08
CVE-2021-3584 A server side remote code execution vulnerability was found in Foreman project. A authenticated attacker could use Sendmail c... 7.2 - HIGH 2021-12-23 2022-01-05
CVE-2021-3414 A flaw was found in satellite. When giving granular permission related to the organization, other permissions allowing a user... 8.1 - HIGH 2022-08-26 2022-09-01
CVE-2021-3413 A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azure_rm in versions before 2.2.0. A credential leak was identif... 6.3 - MEDIUM 2021-04-08 2021-04-14
CVE-2020-14334 A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could h... 8.8 - HIGH 2020-07-31 2023-02-12
CVE-2020-10716 A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view.... 6.5 - MEDIUM 2021-05-27 2022-10-21
CVE-2020-10693 A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL ... 5.3 - MEDIUM 2020-05-06 2023-11-07

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationRedhatSatellite6.8AllAllAll
ApplicationRedhatSatellite6.6AllAllAll
ApplicationRedhatSatellite6.5AllAllAll
ApplicationRedhatSatellite6.4AllAllAll
ApplicationRedhatSatellite6.3AllAllAll
ApplicationRedhatSatellite6.2AllAllAll
ApplicationRedhatSatellite6.1AllAllAll
ApplicationRedhatSatellite6.0.3AllAllAll
ApplicationRedhatSatellite6.0AllAllAll
ApplicationRedhatSatellite5.8.0AllAllAll
ApplicationRedhatSatellite5.8AllAllAll
ApplicationRedhatSatellite5.7AllAllAll
ApplicationRedhatSatellite5.6AllAllAll
ApplicationRedhatSatellite5.5AllAllAll
ApplicationRedhatSatellite5.4.1AllAllAll
ApplicationRedhatSatellite5.4AllAllAll
ApplicationRedhatSatellite5.3AllAllAll
ApplicationRedhatSatellite5.2AllAllAll
ApplicationRedhatSatellite5.1.1AllAllAll
ApplicationRedhatSatellite5AllAllAll
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report