Vulnerabilites related to Red Hat - Red Hat OpenShift AI 2.16
cve-2024-10963
Vulnerability from cvelistv5
Published
2024-11-07 16:02
Modified
2025-02-13 06:06
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.
References
https://access.redhat.com/errata/RHSA-2024:10232vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10244vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10379vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10518vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10528vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10852vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-10963vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2324291issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 1.3.1   
Version: 1.5.1   
Version: 1.6.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.3.1-36.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-22.el9_5   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-22.el9_5   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.5.1-23.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
    cpe:/o:redhat:rhel_eus:9.4::baseos
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202411261619-0   < *
    cpe:/a:redhat:openshift:4.16::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202411261220-0   < *
    cpe:/a:redhat:openshift:4.17::el9
 Create a notification for this product.
   Red Hat Red Hat OpenShift AI 2.16 Unaffected: sha256:c2a79db6d2ba9c313640149a55f306e8aa4dc36f3cc24bf554c025503b013644   < *
    cpe:/a:redhat:openshift_ai:2.16::el8
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
 Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-10963",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-07T18:27:30.472908Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-07T18:27:42.452Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://github.com/linux-pam/linux-pam/",
               defaultStatus: "unaffected",
               packageName: "pam",
               versions: [
                  {
                     status: "affected",
                     version: "1.3.1",
                     versionType: "semver",
                  },
                  {
                     status: "affected",
                     version: "1.5.1",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.7.0",
                     status: "affected",
                     version: "1.6.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:8::baseos",
               ],
               defaultStatus: "affected",
               packageName: "pam",
               product: "Red Hat Enterprise Linux 8",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.3.1-36.el8_10",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "pam",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.5.1-22.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:9::baseos",
                  "cpe:/a:redhat:enterprise_linux:9::appstream",
               ],
               defaultStatus: "affected",
               packageName: "pam",
               product: "Red Hat Enterprise Linux 9",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.5.1-22.el9_5",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream",
                  "cpe:/o:redhat:rhel_eus:9.4::baseos",
               ],
               defaultStatus: "affected",
               packageName: "pam",
               product: "Red Hat Enterprise Linux 9.4 Extended Update Support",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "0:1.5.1-23.el9_4",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.16::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "416.94.202411261619-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift:4.17::el9",
               ],
               defaultStatus: "affected",
               packageName: "rhcos",
               product: "Red Hat OpenShift Container Platform 4.17",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "417.94.202411261220-0",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://catalog.redhat.com/software/containers/",
               cpes: [
                  "cpe:/a:redhat:openshift_ai:2.16::el8",
               ],
               defaultStatus: "affected",
               packageName: "registry.redhat.io/rhoai/odh-dashboard-rhel8",
               product: "Red Hat OpenShift AI 2.16",
               vendor: "Red Hat",
               versions: [
                  {
                     lessThan: "*",
                     status: "unaffected",
                     version: "sha256:c2a79db6d2ba9c313640149a55f306e8aa4dc36f3cc24bf554c025503b013644",
                     versionType: "rpm",
                  },
               ],
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:6",
               ],
               defaultStatus: "unaffected",
               packageName: "pam",
               product: "Red Hat Enterprise Linux 6",
               vendor: "Red Hat",
            },
            {
               collectionURL: "https://access.redhat.com/downloads/content/package-browser/",
               cpes: [
                  "cpe:/o:redhat:enterprise_linux:7",
               ],
               defaultStatus: "unaffected",
               packageName: "pam",
               product: "Red Hat Enterprise Linux 7",
               vendor: "Red Hat",
            },
         ],
         datePublic: "2024-11-07T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     namespace: "https://access.redhat.com/security/updates/classification/",
                     value: "Important",
                  },
                  type: "Red Hat severity rating",
               },
            },
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-287",
                     description: "Improper Authentication",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-02-13T06:06:35.276Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2024:10232",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10232",
            },
            {
               name: "RHSA-2024:10244",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10244",
            },
            {
               name: "RHSA-2024:10379",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10379",
            },
            {
               name: "RHSA-2024:10518",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10518",
            },
            {
               name: "RHSA-2024:10528",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10528",
            },
            {
               name: "RHSA-2024:10852",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2024:10852",
            },
            {
               tags: [
                  "vdb-entry",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2024-10963",
            },
            {
               name: "RHBZ#2324291",
               tags: [
                  "issue-tracking",
                  "x_refsource_REDHAT",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2324291",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-11-07T07:38:52.548000+00:00",
               value: "Reported to Red Hat.",
            },
            {
               lang: "en",
               time: "2024-11-07T00:00:00+00:00",
               value: "Made public.",
            },
         ],
         title: "Pam: improper hostname interpretation in pam_access leads to access control bypass",
         workarounds: [
            {
               lang: "en",
               value: "To reduce the risk, administrators should ensure that no DNS hostname matches local TTY or service names used in pam_access. Additionally, implement DNSSEC to prevent spoofing of DNS responses. For stronger protection, consider reconfiguring pam_access to only accept fully qualified domain names (FQDNs) in access.conf",
            },
         ],
         x_redhatCweChain: "CWE-287: Improper Authentication",
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2024-10963",
      datePublished: "2024-11-07T16:02:34.873Z",
      dateReserved: "2024-11-07T07:29:13.250Z",
      dateUpdated: "2025-02-13T06:06:35.276Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}