CVE-2020-14380

CVE-2020-14380

Vendor N/A
Product Red Hat Satellite
Weakness CWE-287 · Improper authentication
Published June 2, 2021
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

An account takeover flaw was found in Red Hat Satellite 6.7.2 onward. A potential attacker with proper authentication to the relevant external authentication source (SSO or Open ID) can claim the privileges of already existing local users of Satellite.

Key dates

02Disclosure timeline

June 2, 2021 CVE published
August 4, 2024 Record updated