Vulnerability Name:

CVE-2011-0717 (CCN-65658)

Assigned:2011-02-23
Published:2011-02-23
Updated:2023-02-13
Summary:
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
4.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2011-0717

Source: CCN
Type: RHSA-2011-0300
Moderate: Red Hat Network Satellite Server security update

Source: CCN
Type: SA43487
Red Hat Network Satellite Server Session Fixation Vulnerability

Source: CCN
Type: OSVDB ID: 72548
Red Hat Network Satellite Server Spacewalk Unspecified Session Fixation Weakness

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: CCN
Type: BID-46528
Red Hat Network Satellite Server Multiple Security Bypass Vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: XF
Type: UNKNOWN
rhnss-session-hijacking(65658)

Source: CCN
Type: RHSA-2011:0300-1
Red Hat Network Satellite Server security update

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:redhat:network_satellite:5.4:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20110717
    V
    CVE-2011-0717
    2022-05-20
    oval:org.opensuse.security:def:32206
    P
    Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)
    2021-10-18
    oval:org.opensuse.security:def:32113
    P
    Security update for qemu (Important)
    2021-06-08
    oval:org.opensuse.security:def:32263
    P
    Security update for java-1_8_0-ibm (Important)
    2021-02-26
    oval:org.opensuse.security:def:29302
    P
    Security update for mutt (Important)
    2020-12-07
    oval:org.opensuse.security:def:28565
    P
    Security update for kdelibs4
    2020-12-01
    oval:org.opensuse.security:def:27958
    P
    Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33393
    P
    Security update for spacewalk
    2020-12-01
    oval:org.opensuse.security:def:28620
    P
    Security update for xorg-x11-libXt
    2020-12-01
    oval:org.opensuse.security:def:32506
    P
    evince on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28170
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31896
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:32611
    P
    unzip on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28311
    P
    Security update for openssl (Important)
    2020-12-01
    oval:org.opensuse.security:def:31981
    P
    Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:27882
    P
    Security update for rubygem-activesupport-3_2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32672
    P
    glib2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28516
    P
    Security update for openssl1 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27894
    P
    Security update for struts
    2020-12-01
    oval:org.opensuse.security:def:33354
    P
    Security update for openssl1 (Important)
    2020-12-01
    oval:org.opensuse.security:def:28604
    P
    Security update for vino
    2020-12-01
    oval:org.opensuse.security:def:32350
    P
    Security update for squid (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28086
    P
    Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31895
    P
    Security update for MozillaFirefox, mozilla-nspr (Important)
    2020-12-01
    oval:org.opensuse.security:def:28664
    P
    Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:32562
    P
    libpoppler-glib4 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28227
    P
    Security update for libssh2_org (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31907
    P
    Security update for freetype2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29338
    P
    Security update for spacewalk
    2020-12-01
    oval:org.opensuse.security:def:32650
    P
    dhcp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28463
    P
    Security update for xorg-x11-libX11 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27883
    P
    Security update for rubygem-bundler
    2020-12-01
    oval:org.opensuse.security:def:32716
    P
    libltdl7 on GA media (Moderate)
    2020-12-01
    BACK
    redhat network satellite 5.4
    redhat enterprise linux 4