Medium severity6.5NVD Advisory· Published Jul 27, 2018· Updated Jun 17, 2026
CVE-2017-7470
CVE-2017-7470
Description
It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect authorization check in backend/server/rhnChannel.py.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
37- osv-coords37 versionspkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/rhnlib&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLSpkg:rpm/suse/rhnlib&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLSpkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Proxy%203.0pkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/salt-netapi-client&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/spacecmd&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLSpkg:rpm/suse/spacecmd&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLSpkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLSpkg:rpm/suse/spacewalk-backend&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLSpkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Proxy%203.0pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Proxy%203.0pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLSpkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLSpkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Proxy%203.0pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/spacewalk-proxy&distro=SUSE%20Manager%20Proxy%203.0pkg:rpm/suse/spacewalk-proxy-installer&distro=SUSE%20Manager%20Proxy%203.0pkg:rpm/suse/spacewalk-reports&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/spacewalk-setup&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Proxy%203.0pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/subscription-matcher&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/susemanager&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/susemanager-schema&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/susemanager-sls&distro=SUSE%20Manager%20Proxy%203.0pkg:rpm/suse/susemanager-sls&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/susemanager-sync-data&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/virtual-host-gatherer&distro=SUSE%20Manager%20Server%203.0
< 2.6.6-45.1+ 36 more
- (no CPE)range: < 2.6.6-45.1
- (no CPE)range: < 2.5.84.4-8.1
- (no CPE)range: < 2.5.84.4-8.1
- (no CPE)range: < 2.5.84.4-17.1
- (no CPE)range: < 2.5.84.4-6.1
- (no CPE)range: < 2.5.84.4-6.1
- (no CPE)range: < 0.11.1-12.1
- (no CPE)range: < 2.5.5.5-14.1
- (no CPE)range: < 2.5.5.5-14.1
- (no CPE)range: < 2.5.5.5-34.1
- (no CPE)range: < 2.5.5.5-12.1
- (no CPE)range: < 2.5.24.9-24.1
- (no CPE)range: < 2.5.24.9-24.1
- (no CPE)range: < 2.5.24.9-51.1
- (no CPE)range: < 2.5.24.9-22.1
- (no CPE)range: < 2.5.24.9-22.1
- (no CPE)range: < 2.5.1.8-17.1
- (no CPE)range: < 2.5.1.8-17.1
- (no CPE)range: < 2.5.13.8-23.1
- (no CPE)range: < 2.5.13.8-23.1
- (no CPE)range: < 2.5.13.8-48.1
- (no CPE)range: < 2.5.13.8-17.2
- (no CPE)range: < 2.5.13.8-17.2
- (no CPE)range: < 2.5.59.14-23.2
- (no CPE)range: < 2.5.1.7-15.1
- (no CPE)range: < 2.5.2.5-6.1
- (no CPE)range: < 2.5.1.2-3.1
- (no CPE)range: < 2.5.3.12-15.1
- (no CPE)range: < 2.5.7.15-21.1
- (no CPE)range: < 2.5.7.15-21.1
- (no CPE)range: < 0.18-5.1
- (no CPE)range: < 3.0.21-21.1
- (no CPE)range: < 3.0.19-21.2
- (no CPE)range: < 0.1.20-23.1
- (no CPE)range: < 0.1.20-23.1
- (no CPE)range: < 3.0.16-24.1
- (no CPE)range: < 1.0.13-6.1
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/98569nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2017:1259nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.