CVE-2020-14380

Summary

An account takeover flaw was found in Red Hat Satellite 6.7.2 onward. A potential attacker with proper authentication to the relevant external authentication source (SSO or Open ID) can claim the privileges of already existing local users of Satellite.

Affected Software

VendorProductVersion RangeStatus
n/aRed Hat SatelliteRed Hat Satellite 6.8affected

Weaknesses

  • CWE-287: CWE-287

ADP Enrichment

CVE Program Container

Additional References

References