All the vulnerabilites related to Red Hat - Red Hat Satellite 6.13 for RHEL 8
cve-2024-7012
Vulnerability from cvelistv5
Published
2024-09-04 13:41
Modified
2024-09-18 15:32
Severity
Summary
Puppet-foreman: an authentication bypass vulnerability exists in foreman
References
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:6335 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:6336 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:6337 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2024-7012 | vdb-entry, x_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2299429 | issue-tracking, x_refsource_REDHAT |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7012",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:32:24.815040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:32:35.914Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.13::el8",
"cpe:/a:redhat:satellite_utils:6.13::el8",
"cpe:/a:redhat:satellite_capsule:6.13::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.13 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.5.2.8-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.13::el8",
"cpe:/a:redhat:satellite_utils:6.13::el8",
"cpe:/a:redhat:satellite_capsule:6.13::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.13 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.5.2.8-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.14::el8",
"cpe:/a:redhat:satellite:6.14::el8",
"cpe:/a:redhat:satellite_utils:6.14::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.14 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.7.0.8-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.14::el8",
"cpe:/a:redhat:satellite:6.14::el8",
"cpe:/a:redhat:satellite_utils:6.14::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.14 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.7.0.8-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_utils:6.15::el8",
"cpe:/a:redhat:satellite:6.15::el8",
"cpe:/a:redhat:satellite_capsule:6.15::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.15 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.9.3.4-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_utils:6.15::el8",
"cpe:/a:redhat:satellite:6.15::el8",
"cpe:/a:redhat:satellite_capsule:6.15::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.15 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.9.3.4-1.el8sat",
"versionType": "rpm"
}
]
}
],
"datePublic": "2024-09-04T13:14:02.531632+00:00",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache\u0027s mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) and could potentially enable unauthorized users to gain administrative access."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Critical"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T21:16:49.720Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:6335",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:6335"
},
{
"name": "RHSA-2024:6336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:6336"
},
{
"name": "RHSA-2024:6337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:6337"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-7012"
},
{
"name": "RHBZ#2299429",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299429"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-23T04:51:12+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-09-04T13:14:02.531632+00:00",
"value": "Made public."
}
],
"title": "Puppet-foreman: an authentication bypass vulnerability exists in foreman",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_redhatCweChain": "CWE-287: Improper Authentication"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-7012",
"datePublished": "2024-09-04T13:41:17.877Z",
"dateReserved": "2024-07-23T05:02:30.865Z",
"dateUpdated": "2024-09-18T15:32:35.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-0118
Vulnerability from cvelistv5
Published
2023-09-20 13:39
Modified
2024-09-17 13:51
Severity
Summary
Foreman: arbitrary code execution through templates
References
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2023:4466 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2023:5979 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2023:5980 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2023:6818 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2023-0118 | vdb-entry, x_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2159291 | issue-tracking, x_refsource_REDHAT |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:02:43.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2023:4466",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:4466"
},
{
"name": "RHSA-2023:5979",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5979"
},
{
"name": "RHSA-2023:5980",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5980"
},
{
"name": "RHSA-2023:6818",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6818"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-0118"
},
{
"name": "RHBZ#2159291",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159291"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0118",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T18:09:30.819280Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T13:51:28.373Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/theforeman/foreman",
"defaultStatus": "affected",
"packageName": "foreman"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.11::el8",
"cpe:/a:redhat:satellite_capsule:6.11::el7",
"cpe:/a:redhat:satellite_utils:6.11::el8",
"cpe:/a:redhat:satellite:6.11::el7",
"cpe:/a:redhat:satellite_utils:6.11::el7",
"cpe:/a:redhat:satellite:6.11::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.11 for RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.1.1.27-1.el7sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.11::el8",
"cpe:/a:redhat:satellite_capsule:6.11::el7",
"cpe:/a:redhat:satellite_utils:6.11::el8",
"cpe:/a:redhat:satellite:6.11::el7",
"cpe:/a:redhat:satellite_utils:6.11::el7",
"cpe:/a:redhat:satellite:6.11::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.11 for RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.1.1.27-1.el7sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.11::el8",
"cpe:/a:redhat:satellite_capsule:6.11::el7",
"cpe:/a:redhat:satellite_utils:6.11::el8",
"cpe:/a:redhat:satellite:6.11::el7",
"cpe:/a:redhat:satellite_utils:6.11::el7",
"cpe:/a:redhat:satellite:6.11::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.11 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.1.1.27-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.11::el8",
"cpe:/a:redhat:satellite_capsule:6.11::el7",
"cpe:/a:redhat:satellite_utils:6.11::el8",
"cpe:/a:redhat:satellite:6.11::el7",
"cpe:/a:redhat:satellite_utils:6.11::el7",
"cpe:/a:redhat:satellite:6.11::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.11 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.1.1.27-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.12::el8",
"cpe:/a:redhat:satellite_capsule:6.12::el8",
"cpe:/a:redhat:satellite_utils:6.12::el8"
],
"defaultStatus": "affected",
"packageName": "rubygem-safemode",
"product": "Red Hat Satellite 6.12 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.8-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.13::el8",
"cpe:/a:redhat:satellite_utils:6.13::el8",
"cpe:/a:redhat:satellite_maintenance:6.13::el8",
"cpe:/a:redhat:satellite:6.13::el8"
],
"defaultStatus": "affected",
"packageName": "rubygem-safemode",
"product": "Red Hat Satellite 6.13 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.8-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.14::el8",
"cpe:/a:redhat:satellite_utils:6.14::el8",
"cpe:/a:redhat:satellite:6.14::el8",
"cpe:/a:redhat:satellite_capsule:6.14::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.14 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.0.9-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.14::el8",
"cpe:/a:redhat:satellite_utils:6.14::el8",
"cpe:/a:redhat:satellite:6.14::el8",
"cpe:/a:redhat:satellite_capsule:6.14::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.14 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.0.9-1.el8sat",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Andrew Danau (Onsec.io) for reporting this issue."
}
],
"datePublic": "2023-03-12T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T15:32:29.709Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2023:4466",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:4466"
},
{
"name": "RHSA-2023:5979",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5979"
},
{
"name": "RHSA-2023:5980",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5980"
},
{
"name": "RHSA-2023:6818",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6818"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-0118"
},
{
"name": "RHBZ#2159291",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159291"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-12-12T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-03-12T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Foreman: arbitrary code execution through templates",
"x_redhatCweChain": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-0118",
"datePublished": "2023-09-20T13:39:27.756Z",
"dateReserved": "2023-01-09T13:21:05.016Z",
"dateUpdated": "2024-09-17T13:51:28.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-4886
Vulnerability from cvelistv5
Published
2023-10-03 14:24
Modified
2024-09-16 16:17
Severity
Summary
Foreman: world readable file containing secrets
References
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2023:7851 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:1061 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2023-4886 | vdb-entry, x_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2230135 | issue-tracking, x_refsource_REDHAT |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:38:00.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2023:7851",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
},
{
"name": "RHSA-2024:1061",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4886"
},
{
"name": "RHBZ#2230135",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.13::el8",
"cpe:/a:redhat:satellite_maintenance:6.13::el8",
"cpe:/a:redhat:satellite_utils:6.13::el8",
"cpe:/a:redhat:satellite_capsule:6.13::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.13 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.1.24-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.13::el8",
"cpe:/a:redhat:satellite_maintenance:6.13::el8",
"cpe:/a:redhat:satellite_utils:6.13::el8",
"cpe:/a:redhat:satellite_capsule:6.13::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.13 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.1.24-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.14::el8",
"cpe:/a:redhat:satellite_capsule:6.14::el8",
"cpe:/a:redhat:satellite_utils:6.14::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.14 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.0.10-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.14::el8",
"cpe:/a:redhat:satellite_capsule:6.14::el8",
"cpe:/a:redhat:satellite_utils:6.14::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.14 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.7.0.5-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.14::el8",
"cpe:/a:redhat:satellite_capsule:6.14::el8",
"cpe:/a:redhat:satellite_utils:6.14::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.14 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.0.10-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.14::el8",
"cpe:/a:redhat:satellite_capsule:6.14::el8",
"cpe:/a:redhat:satellite_utils:6.14::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.14 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.7.0.5-1.el8sat",
"versionType": "rpm"
}
]
}
],
"datePublic": "2023-10-03T14:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat\u0027s server.xml file, which contain passwords to candlepin\u0027s keystore and truststore, were found to be world readable."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T16:17:17.293Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2023:7851",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
},
{
"name": "RHSA-2024:1061",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4886"
},
{
"name": "RHBZ#2230135",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-08-08T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-03T14:00:00+00:00",
"value": "Made public."
}
],
"title": "Foreman: world readable file containing secrets",
"x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-4886",
"datePublished": "2023-10-03T14:24:56.342Z",
"dateReserved": "2023-09-11T09:51:13.928Z",
"dateUpdated": "2024-09-16T16:17:17.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-7923
Vulnerability from cvelistv5
Published
2024-09-04 13:41
Modified
2024-09-18 15:29
Severity
Summary
Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore
References
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:6335 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:6336 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:6337 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2024-7923 | vdb-entry, x_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2305718 | issue-tracking, x_refsource_REDHAT |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7923",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:28:06.080066Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:29:14.242Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_utils:6.13::el8",
"cpe:/a:redhat:satellite_capsule:6.13::el8",
"cpe:/a:redhat:satellite:6.13::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.13 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.5.2.8-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_utils:6.13::el8",
"cpe:/a:redhat:satellite_capsule:6.13::el8",
"cpe:/a:redhat:satellite:6.13::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.13 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.5.2.8-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.14::el8",
"cpe:/a:redhat:satellite_utils:6.14::el8",
"cpe:/a:redhat:satellite:6.14::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.14 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.7.0.8-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.14::el8",
"cpe:/a:redhat:satellite_utils:6.14::el8",
"cpe:/a:redhat:satellite:6.14::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.14 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.7.0.8-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.15::el8",
"cpe:/a:redhat:satellite_utils:6.15::el8",
"cpe:/a:redhat:satellite_capsule:6.15::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.15 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.9.3.4-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6.15::el8",
"cpe:/a:redhat:satellite_utils:6.15::el8",
"cpe:/a:redhat:satellite_capsule:6.15::el8"
],
"defaultStatus": "affected",
"packageName": "foreman-installer",
"product": "Red Hat Satellite 6.15 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:3.9.3.4-1.el8sat",
"versionType": "rpm"
}
]
}
],
"datePublic": "2024-09-04T13:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache\u0027s mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) which are using Pulpcore version 3.0+ and could potentially enable unauthorized users to gain administrative access."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Critical"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T21:17:11.753Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:6335",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:6335"
},
{
"name": "RHSA-2024:6336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:6336"
},
{
"name": "RHSA-2024:6337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:6337"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-7923"
},
{
"name": "RHBZ#2305718",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305718"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-08-19T12:36:58.759000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-09-04T13:00:00+00:00",
"value": "Made public."
}
],
"title": "Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_redhatCweChain": "CWE-287: Improper Authentication"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-7923",
"datePublished": "2024-09-04T13:41:48.872Z",
"dateReserved": "2024-08-19T12:40:08.047Z",
"dateUpdated": "2024-09-18T15:29:14.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-0119
Vulnerability from cvelistv5
Published
2023-09-12 15:14
Modified
2024-08-02 05:02
Severity
Summary
Foreman: stored cross-site scripting in host tab
References
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2023:3387 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2023:6818 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2023-0119 | vdb-entry, x_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2159104 | issue-tracking, x_refsource_REDHAT |
| https://projects.theforeman.org/issues/35977 |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0119",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-11T19:42:07.019021Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T19:42:12.486Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:02:43.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2023:3387",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:3387"
},
{
"name": "RHSA-2023:6818",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6818"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-0119"
},
{
"name": "RHBZ#2159104",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159104"
},
{
"tags": [
"x_transferred"
],
"url": "https://projects.theforeman.org/issues/35977"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/theforeman/foreman",
"packageName": "foreman",
"versions": [
{
"status": "unaffected",
"version": "3.4.2"
},
{
"status": "unaffected",
"version": "3.5.1.16"
},
{
"status": "unaffected",
"version": "3.5.2"
},
{
"status": "unaffected",
"version": "3.6.0"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.13::el8",
"cpe:/a:redhat:satellite_utils:6.13::el8",
"cpe:/a:redhat:satellite_maintenance:6.13::el8",
"cpe:/a:redhat:satellite:6.13::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.13 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.1.17-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.13::el8",
"cpe:/a:redhat:satellite_utils:6.13::el8",
"cpe:/a:redhat:satellite_maintenance:6.13::el8",
"cpe:/a:redhat:satellite:6.13::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.13 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.1.17-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.14::el8",
"cpe:/a:redhat:satellite_utils:6.14::el8",
"cpe:/a:redhat:satellite:6.14::el8",
"cpe:/a:redhat:satellite_capsule:6.14::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.14 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.0.9-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_maintenance:6.14::el8",
"cpe:/a:redhat:satellite_utils:6.14::el8",
"cpe:/a:redhat:satellite:6.14::el8",
"cpe:/a:redhat:satellite_capsule:6.14::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.14 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.0.9-1.el8sat",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Dinko Dimitrov (Onsec.io) for reporting this issue."
}
],
"datePublic": "2023-03-12T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user\u0027s session, make requests on behalf of the user, and obtain user credentials."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T15:32:30.715Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2023:3387",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:3387"
},
{
"name": "RHSA-2023:6818",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6818"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-0119"
},
{
"name": "RHBZ#2159104",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159104"
},
{
"url": "https://projects.theforeman.org/issues/35977"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-12-16T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-03-12T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Foreman: stored cross-site scripting in host tab",
"x_redhatCweChain": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-0119",
"datePublished": "2023-09-12T15:14:29.533Z",
"dateReserved": "2023-01-09T13:23:29.547Z",
"dateUpdated": "2024-08-02T05:02:43.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}