CVE-2024-12840

A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with the http_proxies variable set to localhost, the attacker can fetch the localhost banner. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt