It was found that Red Hat Satellite did not fully check the authenticity of a client beyond the initial authentication check. If an attacker were to modify the satellite-sync client so as to skip the initial authentication call, it could obtain any channel content from any Satellite that it could access. This is due to the fact that Satellite only verifies a client's authenticity during the initial /SAT check, but does not check any subsequent connections to the sync service.
Created attachment 745586 [details] The patch we used to address the issue for Satellite 5.5.
The Inter-Satellite Sync (ISS) feature was introduced in Satellite 5.3, so this issue does not affect Satellite 5.2.
Acknowledgements: This issue was discovered by Jan Pazdziora of the Red Hat Satellite Engineering team.
This issue has been addressed in following products: Red Hat Network Satellite Server v 5.4 Red Hat Network Satellite Server v 5.5 Red Hat Network Satellite Server v 5.3 Via RHSA-2013:0848 https://rhn.redhat.com/errata/RHSA-2013-0848.html