CVE-2017-7513
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-7513
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially crafted X.509 certificate.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
证书验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Red Hat Satellite 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Red Hat Satellite是美国红帽(Red Hat)公司的一套系统管理平台,可用于扩展Linux基础架构,并提供系统管理功能,如管理、配置和监控。 Red Hat Satellite 5版本中存在安全漏洞,该漏洞源于程序为PostgreSQL后端配置了SSL/TLS,但未能正确地验证X.509服务器证书主机名称字段。攻击者可借助特制的X.509证书利用该漏洞实施中间人攻击,伪造PostgreSQL服务器。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Red Hat | Red Hat Satellite | 5 | - |
II. Public POCs for CVE-2017-7513
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-7513
请登录查看更多情报信息。
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7513x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2017-7513
Same Patch Batch · Red Hat · 2018-08-22 · 4 CVEs total
| CVE-2017-2627 | Red Hat Openstack Enterprise tripleo-common 安全漏洞 | |
| CVE-2017-7528 | Red Hat CloudForms Management Engine 安全漏洞 | |
| CVE-2018-10884 | Ansible Tower 跨站请求伪造漏洞 |
IV. Related Vulnerabilities
Same vendor: Red Hat
- CVE-2026-42011
Gnutls: gnutls: security bypass due to incorrect name constr - CVE-2026-42010
Gnutls: gnutls: authentication bypass via nul character in u - CVE-2026-6420
Keylime: keylime: security bypass due to hardcoded tpm quote - CVE-2026-34956
Openvswitch: open vswitch: denial of service via malformed f - CVE-2026-34002
Xorg: xwayland: x.org x server: information disclosure or de
Same weakness: CWE-295
V. Comments for CVE-2017-7513
No comments yet