vulnerability
Red Hat: CVE-2023-0462: Important: Satellite 6.13.5 Async Security Update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:M/C:C/I:C/A:C) | Sep 20, 2023 | Nov 1, 2023 | Jan 28, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:M/C:C/I:C/A:C)
Published
Sep 20, 2023
Added
Nov 1, 2023
Modified
Jan 28, 2025
Description
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload.
Solutions
redhat-upgrade-foreman-cliredhat-upgrade-rubygem-foreman_maintainredhat-upgrade-satelliteredhat-upgrade-satellite-brandingredhat-upgrade-satellite-cli
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.