CVE-2013-6439 Information

Description

Candlepin in Red Hat Subscription Asset Manager 1.0 through 1.3 uses a weak authentication scheme when the configuration file does not specify a scheme which has unspecified impact and attack vectors.

Reference

http://rhn.redhat.com/errata/RHSA-2013-1863.html https://bugzilla.redhat.com/show_bug.cgi?id=1042677 https://exchange.xforce.ibmcloud.com/vulnerabilities/90134