CVE-2021-4142

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-4142
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-4142.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-4142
Downstream
Published
2022-08-24T16:15:09.547Z
Modified
2026-03-17T22:51:56.132033Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin.

References

Affected packages

Git / github.com/candlepin/candlepin

Affected ranges

Type
GIT
Repo
https://github.com/candlepin/candlepin
Events
Introduced
3c2e908d53d66755895b5debd9e73b3a27d62a0a
Last affected
16438276dde4cd24b2fbce7063b6f6e66143969d
Introduced
417c084fc2768cb5e1537782a6746f338e9c1d33
Last affected
fd6f8e88290d6a3db403ecd78665753e8d04aeed
Introduced
e6ecbd17f29c16ec84148a83f549a75653a86a60
Last affected
397db5d60a16e8a275627dfb9c6b7181dd440f01
Database specific 
{
    "versions": [
        {
            "introduced": "3.1.0"
        },
        {
            "last_affected": "3.1.28-2"
        },
        {
            "introduced": "3.2.0"
        },
        {
            "last_affected": "3.2.21-1"
        },
        {
            "introduced": "4.1.0"
        },
        {
            "last_affected": "4.1.8-1"
        }
    ]
}

Affected versions

candlepin-3.*
candlepin-3.1.0-1
candlepin-3.1.1-1
candlepin-3.1.10-1
candlepin-3.1.11-1
candlepin-3.1.12-1
candlepin-3.1.13-1
candlepin-3.1.14-1
candlepin-3.1.15-1
candlepin-3.1.16-1
candlepin-3.1.17-1
candlepin-3.1.18-1
candlepin-3.1.19-1
candlepin-3.1.2-1
candlepin-3.1.20-1
candlepin-3.1.21-1
candlepin-3.1.22-1
candlepin-3.1.23-1
candlepin-3.1.24-1
candlepin-3.1.25-1
candlepin-3.1.26-1
candlepin-3.1.28-1
candlepin-3.1.28-2
candlepin-3.1.3-1
candlepin-3.1.4-1
candlepin-3.1.5-1
candlepin-3.1.6-1
candlepin-3.1.7-1
candlepin-3.1.8-1
candlepin-3.1.9-1
candlepin-3.2.0-1
candlepin-3.2.1-1
candlepin-3.2.10-1
candlepin-3.2.11-1
candlepin-3.2.12-1
candlepin-3.2.13-1
candlepin-3.2.14-1
candlepin-3.2.15-1
candlepin-3.2.16-1
candlepin-3.2.17-1
candlepin-3.2.18-1
candlepin-3.2.19-1
candlepin-3.2.2-1
candlepin-3.2.20-1
candlepin-3.2.21-1
candlepin-3.2.3-1
candlepin-3.2.4-1
candlepin-3.2.5-1
candlepin-3.2.6-1
candlepin-3.2.7-1
candlepin-3.2.8-1
candlepin-3.2.9-1
candlepin-4.*
candlepin-4.0.0-1
candlepin-4.0.1-1
candlepin-4.1.2-1
candlepin-4.1.3-1
candlepin-4.1.4-1
candlepin-4.1.5-1
candlepin-4.1.6-1
candlepin-4.1.7-1
candlepin-4.1.8-1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-4142.json"