CVE-2021-4142

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-4142
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-4142.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-4142
Related
Published
2022-08-24T16:15:09Z
Modified
2024-10-12T08:30:04.225359Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin.

References

Affected packages

Git / github.com/candlepin/candlepin

Affected versions

candlepin-3.*

candlepin-3.1.0-1
candlepin-3.1.1-1
candlepin-3.1.10-1
candlepin-3.1.11-1
candlepin-3.1.12-1
candlepin-3.1.13-1
candlepin-3.1.14-1
candlepin-3.1.15-1
candlepin-3.1.16-1
candlepin-3.1.17-1
candlepin-3.1.18-1
candlepin-3.1.19-1
candlepin-3.1.2-1
candlepin-3.1.20-1
candlepin-3.1.21-1
candlepin-3.1.22-1
candlepin-3.1.23-1
candlepin-3.1.24-1
candlepin-3.1.25-1
candlepin-3.1.26-1
candlepin-3.1.28-1
candlepin-3.1.28-2
candlepin-3.1.3-1
candlepin-3.1.4-1
candlepin-3.1.5-1
candlepin-3.1.6-1
candlepin-3.1.7-1
candlepin-3.1.8-1
candlepin-3.1.9-1
candlepin-3.2.0-1
candlepin-3.2.1-1
candlepin-3.2.10-1
candlepin-3.2.11-1
candlepin-3.2.12-1
candlepin-3.2.13-1
candlepin-3.2.14-1
candlepin-3.2.15-1
candlepin-3.2.16-1
candlepin-3.2.17-1
candlepin-3.2.18-1
candlepin-3.2.19-1
candlepin-3.2.2-1
candlepin-3.2.20-1
candlepin-3.2.21-1
candlepin-3.2.3-1
candlepin-3.2.4-1
candlepin-3.2.5-1
candlepin-3.2.6-1
candlepin-3.2.7-1
candlepin-3.2.8-1
candlepin-3.2.9-1

candlepin-4.*

candlepin-4.0.0-1
candlepin-4.0.1-1
candlepin-4.1.2-1
candlepin-4.1.3-1
candlepin-4.1.4-1
candlepin-4.1.5-1
candlepin-4.1.6-1
candlepin-4.1.7-1
candlepin-4.1.8-1