CVE-2022-4130 · EPSS p47.1%

redhat / satellite

Description

A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.

Scoring

CVSS 4.5
Vector CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
EPSS 0.67% probability of exploitation · percentile 47.1% · 2026-06-19T12:03:05Z
Last modified 2026-06-17
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.