CVE-2021-4142

Published: Aug 24, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin.

Vendor	Product	Versions
n/a	candlepin	affected `Affects v3.1.28-2, v3.2.21-1, v4.1.8-1 and earlier are affected.`

Weaknesses (CWE)

CWE-639

References

https://bugzilla.redhat.com/show_bug.cgi?id=2034346

x_refsource_MISC

https://access.redhat.com/security/cve/CVE-2021-4142

x_refsource_MISC

https://github.com/candlepin/candlepin/pull/3199

x_refsource_MISC

https://github.com/candlepin/candlepin/pull/3197

x_refsource_MISC

https://github.com/candlepin/candlepin/pull/3198

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-4142

Description

Affected Products

Weaknesses (CWE)

References