Red Hat Satellite 6:
This vulnerability is currently targeted to be addressed in an upcoming release.
CVSS v3 metrics
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
|CVSS3 Base Score||4.9|
|CVSS3 Base Metrics||CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N|
Affected Packages State
|Red Hat Satellite 6||foreman||Affected|
AcknowledgementsThis issue was discovered by Vatsal Parekh (Red Hat).
Do not grant the "destroy_compute_resource" permission to users that should not know the password.