Why many input fields on Red Hat Satellite 5 do auto complete?
Issue
- Many input fields within the applications were discovered to have the autocomplete flag enabled. In a shared computer environment an attacker could use this feature to gain access to sensitive information.
The "Redhat Satellite Login:" field will auto complete user names as soon as a letter is typed. offering a potential attacker a choice of available user id's is considered a security risk. - Application help pages accessible to unauthenticated users.
Environment
- Red Hat Satellite 5.7
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
