cvedb.io
CVE-2018-14666
MEDIUM · CVSS 6.8
EPSS exploitation probability: 0%
Published 2019-01-22T15:29:00.317 · Last modified 2026-06-17T01:41:24.810

Summary

An improper authorization flaw was found in the Smart Class feature of Foreman. An attacker can use it to change configuration of any host registered in Red Hat Satellite, independent of the organization the host belongs to. This flaw affects all Red Hat Satellite 6 versions.

Affected products

redhat — satellite

Does this affect you?

Add your gear to cvedb and we'll alert you only when redhat ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.