VYPR
Medium severity6.8NVD Advisory· Published Jul 27, 2011· Updated Jun 16, 2026

CVE-2009-4139

CVE-2009-4139

Description

A flaw was found in Spacewalk Java site packages. This cross-site request forgery (CSRF) vulnerability allows a remote attacker to hijack the authentication of arbitrary users. This can lead to unauthorized actions, including disabling user accounts, adding new user accounts, or escalating privileges by modifying existing user accounts to have administrator access.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Red Hat/Satellite3 versions
    cpe:2.3:a:redhat:network_satellite_server:5.3.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:redhat:network_satellite_server:5.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:network_satellite_server:5.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:network_satellite_server:5.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:spacewalk-java:1.2.39:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.