CVE-2020-10716 in Red Hat and Theforeman Products
Published on May 27, 2021
A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data. This flaw affects tfm-rubygem-foreman_ansible versions before 4.0.3.4.
Weakness Type
What is an AuthZ Vulnerability?
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
CVE-2020-10716 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2020-10716
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-10716 are published in these products:
Exploit Probability
EPSS
0.16%
Percentile
36.41%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.