Red Hat Security Advisory: Satellite 6 Client Bug Fix Update
Red Hat Satellite 6 client includes a security fix update addressing an incomplete fix for CVE-2024-49761, identified as CVE-2025-10990. This vulnerability affects the puppet-agent component used in Red Hat Satellite, a system management solution for provisioning and configuration management without requiring public Internet access. The update resolves bugs related to this incomplete fix. Users are advised to upgrade to the updated packages to remediate the issue.
AI Analysis
Technical Summary
Red Hat Satellite 6 client had an incomplete fix for CVE-2024-49761 in the puppet-agent component, which has been addressed by a new security update identified as CVE-2025-10990. The advisory indicates that updated packages are available to fix these bugs. The vulnerability is categorized under CWE-1333. The update is rated as having a moderate security impact. The vendor advisory recommends applying the updated packages after ensuring all previous errata are applied. The affected products include various Red Hat Enterprise Linux 8 and 9 variants and Extended Update Support versions. No CVSS score is provided for this vulnerability.
Potential Impact
The vulnerability relates to an incomplete fix in the puppet-agent component of Red Hat Satellite, which could potentially allow security issues to persist if not updated. The security impact is rated as moderate by Red Hat Product Security. No known exploits in the wild have been reported. The vulnerability affects system management and provisioning capabilities, which could impact the secure configuration and maintenance of systems managed by Red Hat Satellite.
Mitigation Recommendations
Red Hat has released updated puppet-agent packages that fully address the incomplete fix for CVE-2024-49761 (CVE-2025-10990). Users of Red Hat Satellite are advised to upgrade to these updated packages. Before applying this update, ensure all previously released errata relevant to the system have been applied. Detailed update instructions are available in the Red Hat Satellite documentation. No additional mitigation steps are indicated by the vendor advisory.
Red Hat Security Advisory: Satellite 6 Client Bug Fix Update
Description
Red Hat Satellite 6 client includes a security fix update addressing an incomplete fix for CVE-2024-49761, identified as CVE-2025-10990. This vulnerability affects the puppet-agent component used in Red Hat Satellite, a system management solution for provisioning and configuration management without requiring public Internet access. The update resolves bugs related to this incomplete fix. Users are advised to upgrade to the updated packages to remediate the issue.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Red Hat Satellite 6 client had an incomplete fix for CVE-2024-49761 in the puppet-agent component, which has been addressed by a new security update identified as CVE-2025-10990. The advisory indicates that updated packages are available to fix these bugs. The vulnerability is categorized under CWE-1333. The update is rated as having a moderate security impact. The vendor advisory recommends applying the updated packages after ensuring all previous errata are applied. The affected products include various Red Hat Enterprise Linux 8 and 9 variants and Extended Update Support versions. No CVSS score is provided for this vulnerability.
Potential Impact
The vulnerability relates to an incomplete fix in the puppet-agent component of Red Hat Satellite, which could potentially allow security issues to persist if not updated. The security impact is rated as moderate by Red Hat Product Security. No known exploits in the wild have been reported. The vulnerability affects system management and provisioning capabilities, which could impact the secure configuration and maintenance of systems managed by Red Hat Satellite.
Mitigation Recommendations
Red Hat has released updated puppet-agent packages that fully address the incomplete fix for CVE-2024-49761 (CVE-2025-10990). Users of Red Hat Satellite are advised to upgrade to these updated packages. Before applying this update, ensure all previously released errata relevant to the system have been applied. Detailed update instructions are available in the Red Hat Satellite documentation. No additional mitigation steps are indicated by the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:17693
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a3ed4ce72d29f1837ea69e8
Added to database: 06/26/2026, 19:36:46 UTC
Last enriched: 06/26/2026, 19:38:32 UTC
Last updated: 06/26/2026, 20:21:30 UTC
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.