Back to bug 2145254
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Paige Jung | 2022-11-23 16:28:00 UTC | CC | security-response-team | |
| Doc Text | A site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server. | A site-to-site request forgery vulnerability was found in the Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server. | ||
| Yadnyawalk Tale | 2022-11-24 10:49:14 UTC | Depends On | 2147581 | |
| Red Hat Bugzilla | 2023-03-02 08:28:07 UTC | Depends On | 2148136 | |
| Depends On | 2148155 | |||
| Priority | high | medium | ||
| Severity | high | medium | ||
| Doc Text | A site-to-site request forgery vulnerability was found in the Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server. | A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server. | ||
| Group | security, qe_staff | |||
| Summary | EMBARGOED CVE-2022-4130 satellite: Blind SSRF via Referer header | CVE-2022-4130 satellite: Blind SSRF via Referer header | ||
| CC | myarboro | |||
| Red Hat Bugzilla | 2023-05-15 20:18:49 UTC | CC | btotty | |
| Red Hat Bugzilla | 2023-07-07 08:30:15 UTC | Assignee | security-response-team | nobody |
| CC | security-response-team |
Back to bug 2145254