Unrated severityNVD Advisory· Published Jun 16, 2012· Updated Apr 29, 2026

CVE-2012-1145

Description

spacewalk-backend in Red Hat Network Satellite 5.4 on Red Hat Enterprise Linux 6 does not properly authorize or authenticate uploads to the NULL organization when mod_wsgi is used, which allows remote attackers to cause a denial of service (/var partition disk consumption and failed updates) via a large number of package uploads.

Affected products

Red Hat/Satellite
cpe:2.3:a:redhat:satellite:5.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

rhn.redhat.com/errata/RHSA-2012-0436.htmlnvdVendor Advisory
www.securityfocus.com/bid/52832nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/74498nvdThird Party AdvisoryVDB Entry
secunia.com/advisories/48664nvdBroken Link
www.osvdb.org/81481nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000