New bug identified in Red Hat Satellite (SAT-35175) which pose a security risk such as unauthorized access to information and data.
Description
Satellite hosts can access custom repositories/rpms via curl which is not included in the assigned Content View/Activation Key.
Link to current status and how to reproduce the bug:
https://issues.redhat.com/browse/SAT-35175