On Foreman, Salt plugin for smart-proxy introduce a flaw which allows any client to perform actions of Foreman Server.
Acknowledgments: Name: Evgeni Golov (Red Hat) Upstream: Foreman project
Statement: Red Hat Satellite 6 does not ship smart_proxy_salt plugin which is affected by the vulnerability. This flaw affects upstream Foreman only.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-3456