3.2. Using the Red Hat Customer Portal
The Red Hat Customer Portal at https://access.redhat.com/ is the main customer-oriented resource for official information related to Red Hat products. You can use it to find documentation, manage your subscriptions, download products and updates, open support cases, and learn about security updates.
3.2.1. Viewing Security Advisories on the Customer Portal
To view security advisories (errata) relevant to the systems for which you have active subscriptions, log into the Customer Portal at https://access.redhat.com/ and click on the Download Products & Updates button on the main page. When you enter the Software & Download Center page, continue by clicking on the Errata button to see a list of advisories pertinent to your registered systems.
To browse a list of all security updates for all active Red Hat products, go to Security → Security Updates → Active Products using the navigation menu at the top of the page.
Click on the erratum code in the left part of the table to display more detailed information about the individual advisories. The next page contains not only a description of the given erratum, including its causes, consequences, and required fixes, but also a list of all packages that the particular erratum updates along with instructions on how to apply the updates. The page also includes links to relevant references, such as related CVE.
3.2.2. Navigating CVE Customer Portal Pages
The CVE (Common Vulnerabilities and Exposures) project, maintained by The MITRE Corporation, is a list of standardized names for vulnerabilities and security exposures. To browse a list of CVE that pertain to Red Hat products on the Customer Portal, log into your account at https://access.redhat.com/ and navigate to Security → Resources → CVE Database using the navigation menu at the top of the page.
Click on the CVE code in the left part of the table to display more detailed information about the individual vulnerabilities. The next page contains not only a description of the given CVE but also a list of affected Red Hat products along with links to relevant Red Hat errata.
3.2.3. Understanding Issue Severity Classification
All security issues discovered in Red Hat products are assigned an impact rating by Red Hat Product Security according to the severity of the problem. The four-point scale consists of the following levels: Low, Moderate, Important, and Critical. In addition to that, every security issue is rated using the Common Vulnerability Scoring System (CVSS) base scores.
Together, these ratings help you understand the impact of security issues, allowing you to schedule and prioritize upgrade strategies for your systems. Note that the ratings reflect the potential risk of a given vulnerability, which is based on a technical analysis of the bug, not the current threat level. This means that the security impact rating does not change if an exploit is released for a particular flaw.
To see a detailed description of the individual levels of severity ratings on the Customer Portal, visit the Severity Ratings page.