CVE-2021-4142 Information

Description

The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin.

Reference

https://github.com/candlepin/candlepin/pull/3199 https://github.com/candlepin/candlepin/pull/3198 https://github.com/candlepin/candlepin/pull/3197 https://bugzilla.redhat.com/show_bug.cgi?id=2034346 https://access.redhat.com/security/cve/CVE-2021-4142