CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
95.1%
Red Hat Satellite is a systems management tool for Linux-based
infrastructure. It allows for provisioning, remote management, and
monitoring of multiple Linux deployments with a single centralized tool.
Security Fix(es):
j
or escape_javascript
methods are susceptible to XSS attacks (CVE-2020-5267)For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
Provides the Satellite Ansible Modules that allow for full automation of your Satellite configuration and deployment.
Adds ability to install Satellite and Capsules and manage hosts in a IPv6 network environment
Ansible based Capsule Upgrade automation: Ability to centrally upgrade all of your Capsule servers with a single job execution.
Platform upgrades to Postgres 12, Ansible 2.9, Ruby on Rails and latest version of Puppet
Support for HTTP UEFI provisioning
Support for CAC card authentication with Keycloak integration
Add ability to upgrade Red Hat Enterprise Linux 7 hosts to version 8 using the LEAPP based tooling.
Support for Red Hat Enterprise Linux Traces integration
satellite-maintain & foreman-maintain are now self updating
Notifications in the UI to warn users when subscriptions are expiring.
The items above are not a complete list of changes. This update also fixes
several bugs and adds various enhancements. Documentation for these changes
is available from the Release Notes document linked to in the References
section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | noarch | tfm-rubygem-rbvmomi | < 2.2.0-3.el7sat | tfm-rubygem-rbvmomi-2.2.0-3.el7sat.noarch.rpm |
RedHat | 7 | noarch | tfm-rubygem-execjs | < 2.7.0-4.el7sat | tfm-rubygem-execjs-2.7.0-4.el7sat.noarch.rpm |
RedHat | 7 | noarch | tfm-rubygem-text | < 1.3.0-7.el7sat | tfm-rubygem-text-1.3.0-7.el7sat.noarch.rpm |
RedHat | 7 | x86_64 | pycairo | < 1.16.3-9.el7sat | pycairo-1.16.3-9.el7sat.x86_64.rpm |
RedHat | 7 | noarch | tfm-rubygem-thor | < 1.0.1-2.el7sat | tfm-rubygem-thor-1.0.1-2.el7sat.noarch.rpm |
RedHat | 7 | x86_64 | tfm-rubygem-unf_ext-debuginfo | < 0.0.7.2-1.el7sat | tfm-rubygem-unf_ext-debuginfo-0.0.7.2-1.el7sat.x86_64.rpm |
RedHat | 7 | noarch | tfm-rubygem-kafo_parsers | < 1.1.0-3.el7sat | tfm-rubygem-kafo_parsers-1.1.0-3.el7sat.noarch.rpm |
RedHat | 7 | noarch | python2-click | < 6.7-9.el7sat | python2-click-6.7-9.el7sat.noarch.rpm |
RedHat | 7 | noarch | tfm-rubygem-retriable | < 3.1.2-1.el7sat | tfm-rubygem-retriable-3.1.2-1.el7sat.noarch.rpm |
RedHat | 7 | noarch | python-pulp-integrity | < 2.21.3-2.el7sat | python-pulp-integrity-2.21.3-2.el7sat.noarch.rpm |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
95.1%