VDB
CVE-2020-10716
CVE-2020-10716
PUBLISHED
CVSS 4 MEDIUM
A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data. This flaw affects tfm-rubygem-foreman_ansible versions before 4.0.3.4.
EPSS 0.16% · 36.2th percentile
Risk Scores
CVSS 2.0
4
EPSS Score
0.16%
36.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| redhat | satellite_capsule | 6.7 |
| redhat | satellite | 6.7 |
| n/a | rubygem-foreman_ansible | tfm-rubygem-foreman_ansible 4.0.3.4 |
| theforeman | foreman_ansible | 0 |
Exploit Intelligence
Timeline
- May 27, 2021 CVE Published
- May 28, 2021 EPSS Score
- Jul 30, 2021 EPSS Score
- Sep 29, 2021 EPSS Score
- Nov 30, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jun 1, 2022 EPSS Score
- Aug 2, 2022 EPSS Score
- Oct 3, 2022 EPSS Score
- Dec 3, 2022 EPSS Score