Why many input fields on Red Hat Satellite 5 do auto complete?

Solution Verified - Updated -

Issue

  1. Many input fields within the applications were discovered to have the autocomplete flag enabled. In a shared computer environment an attacker could use this feature to gain access to sensitive information.
    The "Redhat Satellite Login:" field will auto complete user names as soon as a letter is typed. offering a potential attacker a choice of available user id's is considered a security risk.
  2. Application help pages accessible to unauthenticated users.

Environment

  • Red Hat Satellite 5.7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content