Vulnerability CVE-2011-0717

Vulnerability Name:

CVE-2011-0717 (CCN-65658)

Assigned:

2011-02-23

Published:

2011-02-23

Updated:

2023-02-13

Summary:

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
4.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2011-0717

Source: CCN
Type: RHSA-2011-0300
Moderate: Red Hat Network Satellite Server security update

Source: CCN
Type: SA43487
Red Hat Network Satellite Server Session Fixation Vulnerability

Source: CCN
Type: OSVDB ID: 72548
Red Hat Network Satellite Server Spacewalk Unspecified Session Fixation Weakness

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: CCN
Type: BID-46528
Red Hat Network Satellite Server Multiple Security Bypass Vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: XF
Type: UNKNOWN
rhnss-session-hijacking(65658)

Source: CCN
Type: RHSA-2011:0300-1
Red Hat Network Satellite Server security update

Vulnerable Configuration:

Configuration CCN 1:

cpe:/a:redhat:network_satellite:5.4:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20110717	V	CVE-2011-0717	2022-05-20
oval:org.opensuse.security:def:32206	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:32113	P	Security update for qemu (Important)	2021-06-08
oval:org.opensuse.security:def:32263	P	Security update for java-1_8_0-ibm (Important)	2021-02-26
oval:org.opensuse.security:def:29302	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:28565	P	Security update for kdelibs4	2020-12-01
oval:org.opensuse.security:def:27958	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:33393	P	Security update for spacewalk	2020-12-01
oval:org.opensuse.security:def:28620	P	Security update for xorg-x11-libXt	2020-12-01
oval:org.opensuse.security:def:32506	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28170	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31896	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32611	P	unzip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28311	P	Security update for openssl (Important)	2020-12-01
oval:org.opensuse.security:def:31981	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:27882	P	Security update for rubygem-activesupport-3_2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32672	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28516	P	Security update for openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27894	P	Security update for struts	2020-12-01
oval:org.opensuse.security:def:33354	P	Security update for openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:28604	P	Security update for vino	2020-12-01
oval:org.opensuse.security:def:32350	P	Security update for squid (Moderate)	2020-12-01
oval:org.opensuse.security:def:28086	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:31895	P	Security update for MozillaFirefox, mozilla-nspr (Important)	2020-12-01
oval:org.opensuse.security:def:28664	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:32562	P	libpoppler-glib4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28227	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:31907	P	Security update for freetype2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29338	P	Security update for spacewalk	2020-12-01
oval:org.opensuse.security:def:32650	P	dhcp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28463	P	Security update for xorg-x11-libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27883	P	Security update for rubygem-bundler	2020-12-01
oval:org.opensuse.security:def:32716	P	libltdl7 on GA media (Moderate)	2020-12-01

BACK