Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2020-1744
Vulnerability from cvelistv5
Published
2020-03-24 00:00
Modified
2024-08-04 06:46
Severity ?
EPSS score ?
Summary
A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2020-1744 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2020-1744 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744 | Issue Tracking, Vendor Advisory |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:46:30.879Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744", }, { tags: [ "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "keycloak", vendor: "Red Hat", versions: [ { status: "affected", version: "all keycloak versions prior to 9.0.1", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-755", description: "CWE-755", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-07T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744", }, { url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-1744", datePublished: "2020-03-24T00:00:00", dateReserved: "2019-11-27T00:00:00", dateUpdated: "2024-08-04T06:46:30.879Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"9.0.1\", \"matchCriteriaId\": \"23787EE3-4659-4D20-8473-C7237168FDB9\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.\"}, {\"lang\": \"es\", \"value\": \"Se descubri\\u00f3 un fallo en keycloak versiones anteriores a la versi\\u00f3n 9.0.1. Cuando se configura un Conditional OTP Authentication Flow como un flujo posterior al inicio de sesi\\u00f3n de un IDP, los eventos de inicio de sesi\\u00f3n fallidos para OTP no son enviados hacia la cola de eventos de protecci\\u00f3n de fuerza bruta. Entonces BruteForceProtector no maneja estos eventos.\"}]", id: "CVE-2020-1744", lastModified: "2024-11-21T05:11:17.480", metrics: "{\"cvssMetricV31\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\", \"baseScore\": 5.6, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\", \"baseScore\": 5.6, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2020-03-24T14:15:13.293", references: "[{\"url\": \"https://access.redhat.com/security/cve/CVE-2020-1744\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2020-1744\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}]", sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-755\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-755\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2020-1744\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2020-03-24T14:15:13.293\",\"lastModified\":\"2024-11-21T05:11:17.480\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.\"},{\"lang\":\"es\",\"value\":\"Se descubrió un fallo en keycloak versiones anteriores a la versión 9.0.1. Cuando se configura un Conditional OTP Authentication Flow como un flujo posterior al inicio de sesión de un IDP, los eventos de inicio de sesión fallidos para OTP no son enviados hacia la cola de eventos de protección de fuerza bruta. Entonces BruteForceProtector no maneja estos eventos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-755\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-755\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.0.1\",\"matchCriteriaId\":\"23787EE3-4659-4D20-8473-C7237168FDB9\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2020-1744\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/CVE-2020-1744\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]}]}}", }, }
rhsa-2020:0951
Vulnerability from csaf_redhat
Published
2020-03-23 20:13
Modified
2025-01-19 19:49
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update
Notes
Topic
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)
* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)
* commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)
* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)
* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)
* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)
* netty: HTTP request smuggling (CVE-2019-20444)
* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)
* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)\n\n* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)\n\n* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)\n\n* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0951", url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso&downloadType=securityPatches&version=7.3", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso&downloadType=securityPatches&version=7.3", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", url: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", }, { category: "external", summary: "1764607", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764607", }, { category: "external", summary: "1764612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764612", }, { category: "external", summary: "1764658", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764658", }, { category: "external", summary: "1767483", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1767483", }, { category: "external", summary: "1770615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1770615", }, { category: "external", summary: "1772008", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1772008", }, { category: "external", summary: "1793154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1793154", }, { category: "external", summary: "1796225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796225", }, { category: "external", summary: "1798509", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1798509", }, { category: "external", summary: "1798524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1798524", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0951.json", }, ], title: "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update", tracking: { current_release_date: "2025-01-19T19:49:05+00:00", generator: { date: "2025-01-19T19:49:05+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.6", }, }, id: "RHSA-2020:0951", initial_release_date: "2020-03-23T20:13:32+00:00", revision_history: [ { date: "2020-03-23T20:13:32+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-23T20:13:32+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-19T19:49:05+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Single Sign-On 7.3", product: { name: "Red Hat Single Sign-On 7.3", product_id: "Red Hat Single Sign-On 7.3", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_single_sign_on:7.3", }, }, }, ], category: "product_family", name: "Red Hat Single Sign-On", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2019-0205", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2019-10-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1764612", }, ], notes: [ { category: "description", text: "In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.", title: "Vulnerability description", }, { category: "summary", text: "thrift: Endless loop when feed with specific input data", title: "Vulnerability summary", }, { category: "other", text: "Red Hat OpenStack Platform ships OpenDaylight, which contains a vulnerable version of libthrift. However, OpenDaylight does not expose libthrift in a vulnerable way, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe thrift package in OpenShift Container Platform is installed only in Curator images in the Logging stack. The affected code is included in this package, it's functionality is not used. This vulnerability is therefore rated Low for OpenShift Container Platform.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-0205", }, { category: "external", summary: "RHBZ#1764612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-0205", url: "https://www.cve.org/CVERecord?id=CVE-2019-0205", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-0205", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-0205", }, ], release_date: "2019-10-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "thrift: Endless loop when feed with specific input data", }, { cve: "CVE-2019-0210", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-10-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1764607", }, ], notes: [ { category: "description", text: "In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data.", title: "Vulnerability description", }, { category: "summary", text: "thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol", title: "Vulnerability summary", }, { category: "other", text: "Red Hat OpenStack Platform ships OpenDaylight, which contains a vulnerable version of libthrift. However, OpenDaylight is not affected as this is a Golang specific problem, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe version of thrift delivered in OpenShift Container Platform is not affected by this vulnerability as it does not contain the affected code.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-0210", }, { category: "external", summary: "RHBZ#1764607", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764607", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-0210", url: "https://www.cve.org/CVERecord?id=CVE-2019-0210", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-0210", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-0210", }, ], release_date: "2019-10-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol", }, { cve: "CVE-2019-10086", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2019-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1767483", }, ], notes: [ { category: "description", text: "A flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is not suppressed by default. This flaw allows an attacker to access the classloader.", title: "Vulnerability description", }, { category: "summary", text: "apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10086", }, { category: "external", summary: "RHBZ#1767483", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1767483", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10086", url: "https://www.cve.org/CVERecord?id=CVE-2019-10086", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10086", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10086", }, { category: "external", summary: "https://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt", url: "https://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt", }, ], release_date: "2019-08-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "There is no currently known mitigation for this flaw.", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default", }, { cve: "CVE-2019-12400", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-08-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1764658", }, ], notes: [ { category: "description", text: "In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this implementation might be cached and re-used by Apache Santuario - XML Security for Java, leading to potential security flaws when validating signed documents, etc. The vulnerability affects Apache Santuario - XML Security for Java 2.0.x releases from 2.0.3 and all 2.1.x releases before 2.1.4.", title: "Vulnerability description", }, { category: "summary", text: "xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-12400", }, { category: "external", summary: "RHBZ#1764658", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764658", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-12400", url: "https://www.cve.org/CVERecord?id=CVE-2019-12400", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-12400", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-12400", }, ], release_date: "2019-08-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source", }, { cve: "CVE-2019-14885", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2019-10-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1770615", }, ], notes: [ { category: "description", text: "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property’s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information.", title: "Vulnerability description", }, { category: "summary", text: "EAP: Vault system property security attribute value is revealed on CLI 'reload' command", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14885", }, { category: "external", summary: "RHBZ#1770615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1770615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14885", url: "https://www.cve.org/CVERecord?id=CVE-2019-14885", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", }, ], release_date: "2020-01-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "EAP: Vault system property security attribute value is revealed on CLI 'reload' command", }, { cve: "CVE-2019-14887", cwe: { id: "CWE-757", name: "Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')", }, discovery_date: "2019-11-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1772008", }, ], notes: [ { category: "description", text: "A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. This could lead to a leak of the data being passed over the network.", title: "Vulnerability description", }, { category: "summary", text: "wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14887", }, { category: "external", summary: "RHBZ#1772008", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1772008", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14887", url: "https://www.cve.org/CVERecord?id=CVE-2019-14887", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14887", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14887", }, ], release_date: "2020-03-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "Avoid using an OpenSSL security provider and instead use the default configuration or regular JSSE provider with 'TLS'.", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use", }, { cve: "CVE-2019-20330", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2020-01-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1793154", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: lacks certain net.sf.ehcache blocking", title: "Vulnerability summary", }, { category: "other", text: "While OpenShift Container Platform's elasticsearch plugins do ship the vulnerable component, it doesn't do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-20330", }, { category: "external", summary: "RHBZ#1793154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1793154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-20330", url: "https://www.cve.org/CVERecord?id=CVE-2019-20330", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-20330", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-20330", }, ], release_date: "2020-01-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: lacks certain net.sf.ehcache blocking", }, { cve: "CVE-2019-20444", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-01-30T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1798524", }, ], notes: [ { category: "description", text: "A HTTP smuggling flaw was found in HttpObjectDecoder.java in Netty in versions prior to version 4.1.44. HTTP headers with an invalid fold, in this case CRLF (carriage return, line feed) without being followed by SP (space) or HTAB (horizontal tab), result in situations where headers can be misread. Data integrity is the highest threat with this vulnerability.", title: "Vulnerability description", }, { category: "summary", text: "netty: HTTP request smuggling", title: "Vulnerability summary", }, { category: "other", text: "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch's security team has stated that the previous vulnerability, CVE-2019-16869, does not pose a substantial practical threat to ElasticSearch 6. We agree that these issues would be difficult to exploit on OpenShift Container Platform so we're reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships a vulnerable version of netty embedded in Candlepin. However, the flaw can not be triggered in that context, because HTTP requests are handled by Tomcat, not by netty. A future release may fix this.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-20444", }, { category: "external", summary: "RHBZ#1798524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1798524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-20444", url: "https://www.cve.org/CVERecord?id=CVE-2019-20444", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-20444", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-20444", }, { category: "external", summary: "https://github.com/elastic/elasticsearch/issues/49396", url: "https://github.com/elastic/elasticsearch/issues/49396", }, ], release_date: "2020-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "netty: HTTP request smuggling", }, { cve: "CVE-2019-20445", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-01-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1798509", }, ], notes: [ { category: "description", text: "A flaw was found in Netty before version 4.1.44, where it accepted multiple Content-Length headers and also accepted both Transfer-Encoding, as well as Content-Length headers where it should reject the message under such circumstances. In circumstances where Netty is used in the context of a server, it could result in a viable HTTP smuggling vulnerability.", title: "Vulnerability description", }, { category: "summary", text: "netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header", title: "Vulnerability summary", }, { category: "other", text: "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch's security team has stated that the previous vulnerability, CVE-2019-16869, does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit both these vulnerabilities on OpenShift Container Platform, so we're reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships a vulnerable version of netty embedded in Candlepin. However, the flaw can not be triggered in that context, because HTTP requests are handled by Tomcat, not by netty. A future release may fix this.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-20445", }, { category: "external", summary: "RHBZ#1798509", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1798509", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-20445", url: "https://www.cve.org/CVERecord?id=CVE-2019-20445", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-20445", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-20445", }, ], release_date: "2020-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header", }, { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, { cve: "CVE-2020-7238", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-01-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796225", }, ], notes: [ { category: "description", text: "A flaw was found in Netty, where it mishandles Transfer-Encoding whitespace. This flaw allows HTTP Request Smuggling.", title: "Vulnerability description", }, { category: "summary", text: "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling", title: "Vulnerability summary", }, { category: "other", text: "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch's security team has stated that the previous vulnerability, CVE-2019-16869, does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit both these vulnerabilities on OpenShift Container Platform, so we're reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-7238", }, { category: "external", summary: "RHBZ#1796225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796225", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-7238", url: "https://www.cve.org/CVERecord?id=CVE-2020-7238", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-7238", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-7238", }, { category: "external", summary: "https://netty.io/news/2019/12/18/4-1-44-Final.html", url: "https://netty.io/news/2019/12/18/4-1-44-Final.html", }, ], release_date: "2020-01-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling", }, ], }
RHSA-2020:2905
Vulnerability from csaf_redhat
Published
2020-07-23 07:03
Modified
2025-03-16 05:26
Summary
Red Hat Security Advisory: Red Hat build of Thorntail 2.7.0 security and bug fix update
Notes
Topic
An update is now available for Red Hat build of Thorntail.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details
This release of Red Hat build of Thorntail 2.7.0 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section.
Security Fix(es):
* Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain (CVE-2020-1719)
* cxf: reflected XSS in the services listing page (CVE-2019-17573)
* undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)
* Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)
* resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)
* undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass (CVE-2020-1757)
* keycloak: stored XSS in client settings via application links (CVE-2020-1697)
* keycloak: problem with privacy after user logout (CVE-2020-1724)
* keycloak: Password leak by logged exception in HttpMethod class (CVE-2020-1698)
* cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12423)
* Soteria: security identity corruption across concurrent threads (CVE-2020-1732)
* keycloak: missing input validation in IDP authorization URLs (CVE-2020-1727)
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
* keycloak: security issue on reset credential flow (CVE-2020-1718)
* keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution (CVE-2020-1714)
* RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack (CVE-2020-10688)
* undertow: invalid HTTP request with large chunk size (CVE-2020-10719)
* undertow: Memory exhaustion issue in HttpReadListener via "Expect: 100- continue" header (CVE-2020-10705)
For more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat build of Thorntail.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat build of Thorntail 2.7.0 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain (CVE-2020-1719)\n\n* cxf: reflected XSS in the services listing page (CVE-2019-17573)\n\n* undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)\n\n* Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)\n\n* resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)\n\n* undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass (CVE-2020-1757)\n\n* keycloak: stored XSS in client settings via application links (CVE-2020-1697)\n\n* keycloak: problem with privacy after user logout (CVE-2020-1724)\n\n* keycloak: Password leak by logged exception in HttpMethod class (CVE-2020-1698)\n\n* cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12423)\n\n* Soteria: security identity corruption across concurrent threads (CVE-2020-1732)\n\n* keycloak: missing input validation in IDP authorization URLs (CVE-2020-1727)\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\n* keycloak: security issue on reset credential flow (CVE-2020-1718)\n\n* keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution (CVE-2020-1714)\n\n* RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack (CVE-2020-10688)\n\n* undertow: invalid HTTP request with large chunk size (CVE-2020-10719)\n\n* undertow: Memory exhaustion issue in HttpReadListener via \"Expect: 100- continue\" header (CVE-2020-10705)\n\nFor more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:2905", url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.thorntail&version=2.7.0", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.thorntail&version=2.7.0", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_build_of_thorntail/2.7/html/release_notes_for_thorntail_2.7/", url: "https://access.redhat.com/documentation/en-us/red_hat_build_of_thorntail/2.7/html/release_notes_for_thorntail_2.7/", }, { category: "external", summary: "1705975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1705975", }, { category: "external", summary: "1730462", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1730462", }, { category: "external", summary: "1752770", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1752770", }, { category: "external", summary: "1790292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1790292", }, { category: "external", summary: "1791538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1791538", }, { category: "external", summary: "1796617", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796617", }, { category: "external", summary: "1796756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796756", }, { category: "external", summary: "1797006", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1797006", }, { category: "external", summary: "1797011", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1797011", }, { category: "external", summary: "1800527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800527", }, { category: "external", summary: "1800573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800573", }, { category: "external", summary: "1801726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1801726", }, { category: "external", summary: "1803241", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1803241", }, { category: "external", summary: "1805006", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805006", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "1807305", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1807305", }, { category: "external", summary: "1814974", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1814974", }, { category: "external", summary: "1828459", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1828459", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2905.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Thorntail 2.7.0 security and bug fix update", tracking: { current_release_date: "2025-03-16T05:26:27+00:00", generator: { date: "2025-03-16T05:26:27+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2020:2905", initial_release_date: "2020-07-23T07:03:40+00:00", revision_history: [ { date: "2020-07-23T07:03:40+00:00", number: "1", summary: "Initial version", }, { date: "2020-07-23T07:03:40+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-16T05:26:27+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Text-Only RHOAR", product: { name: "Text-Only RHOAR", product_id: "Text-Only RHOAR", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_application_runtimes:1.0", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Application Runtimes", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2019-12423", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2020-01-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1797006", }, ], notes: [ { category: "description", text: "Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter \"rs.security.keystore.type\" to \"jwk\". For this case all keys are returned in this file \"as is\", including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. \"oct\" keys, which contain secret keys, are not returned at all.", title: "Vulnerability description", }, { category: "summary", text: "cxf: OpenId Connect token service does not properly validate the clientId", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-12423", }, { category: "external", summary: "RHBZ#1797006", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1797006", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-12423", url: "https://www.cve.org/CVERecord?id=CVE-2019-12423", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-12423", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-12423", }, ], release_date: "2020-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "cxf: OpenId Connect token service does not properly validate the clientId", }, { cve: "CVE-2019-17573", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1797011", }, ], notes: [ { category: "description", text: "By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploits a feature which is not typically not present in modern browsers, who remove dot segments before sending the request. However, Mobile applications may be vulnerable.", title: "Vulnerability description", }, { category: "summary", text: "cxf: reflected XSS in the services listing page", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17573", }, { category: "external", summary: "RHBZ#1797011", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1797011", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17573", url: "https://www.cve.org/CVERecord?id=CVE-2019-17573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17573", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17573", }, ], release_date: "2020-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "Mitigate this flaw by disabling the service listing altogether; via setting the \"hide-service-list-page\" servlet parameter to \"true\".", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "cxf: reflected XSS in the services listing page", }, { acknowledgments: [ { names: [ "Mirko Selber", ], organization: "Compass Security", }, ], cve: "CVE-2020-1695", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-07-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1730462", }, ], notes: [ { category: "description", text: "A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.", title: "Vulnerability description", }, { category: "summary", text: "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1695", }, { category: "external", summary: "RHBZ#1730462", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1730462", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1695", url: "https://www.cve.org/CVERecord?id=CVE-2020-1695", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1695", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1695", }, ], release_date: "2020-04-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class", }, { acknowledgments: [ { names: [ "Cure53 Berlin", ], }, ], cve: "CVE-2020-1697", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1791538", }, ], notes: [ { category: "description", text: "A flaw was found during the assessment of the Admin Console application for Keycloak, where it was found that Application Links to external applications are not validated properly. An attacker could use this flaw to cause Stored XSS attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: stored XSS in client settings via application links", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1697", }, { category: "external", summary: "RHBZ#1791538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1791538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1697", url: "https://www.cve.org/CVERecord?id=CVE-2020-1697", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1697", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1697", }, ], release_date: "2020-02-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: stored XSS in client settings via application links", }, { acknowledgments: [ { names: [ "Tobias Friedrich", ], }, ], cve: "CVE-2020-1698", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1790292", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: Password leak by logged exception in HttpMethod class", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1698", }, { category: "external", summary: "RHBZ#1790292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1790292", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1698", url: "https://www.cve.org/CVERecord?id=CVE-2020-1698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1698", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1698", }, ], release_date: "2020-05-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: Password leak by logged exception in HttpMethod class", }, { acknowledgments: [ { names: [ "Thomas Darimont", ], }, ], cve: "CVE-2020-1714", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-04-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1705975", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1714", }, { category: "external", summary: "RHBZ#1705975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1705975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1714", url: "https://www.cve.org/CVERecord?id=CVE-2020-1714", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1714", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1714", }, ], release_date: "2020-05-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "There is currently no known mitigation for this issue.", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution", }, { cve: "CVE-2020-1718", cwe: { id: "CWE-287", name: "Improper Authentication", }, discovery_date: "2020-01-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796756", }, ], notes: [ { category: "description", text: "A flaw was found in the reset credential flow in Keycloak. This flaw allows an attacker to gain unauthorized access to the application.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: security issue on reset credential flow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1718", }, { category: "external", summary: "RHBZ#1796756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796756", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1718", url: "https://www.cve.org/CVERecord?id=CVE-2020-1718", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1718", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1718", }, ], release_date: "2020-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "Disable reset credential flow.", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak: security issue on reset credential flow", }, { cve: "CVE-2020-1719", cwe: { id: "CWE-270", name: "Privilege Context Switching Error", }, discovery_date: "2019-08-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796617", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1719", }, { category: "external", summary: "RHBZ#1796617", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796617", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1719", url: "https://www.cve.org/CVERecord?id=CVE-2020-1719", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1719", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1719", }, ], release_date: "2019-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain", }, { acknowledgments: [ { names: [ "Francesco Cusinato", ], }, ], cve: "CVE-2020-1724", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, discovery_date: "2020-02-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1800527", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak. This flaw allows a malicious user that is currently logged in, to see the personal information of a previously logged out user in the account manager section.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: problem with privacy after user logout", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1724", }, { category: "external", summary: "RHBZ#1800527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800527", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1724", url: "https://www.cve.org/CVERecord?id=CVE-2020-1724", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1724", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1724", }, ], release_date: "2020-05-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: problem with privacy after user logout", }, { acknowledgments: [ { names: [ "Sebastian Moritz", ], organization: "Cure53", }, ], cve: "CVE-2020-1727", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2020-02-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1800573", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: missing input validation in IDP authorization URLs", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1727", }, { category: "external", summary: "RHBZ#1800573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1727", url: "https://www.cve.org/CVERecord?id=CVE-2020-1727", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1727", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1727", }, ], release_date: "2020-05-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: missing input validation in IDP authorization URLs", }, { cve: "CVE-2020-1732", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2020-02-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1801726", }, ], notes: [ { category: "description", text: "A flaw was found in WildFly where multiple requests occurring concurrently could be handled using the identity of another request. This vulnerability occurs when using EE Security with WildFly Elytron. The largest threat from this vulnerability is data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "Soteria: security identity corruption across concurrent threads", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1732", }, { category: "external", summary: "RHBZ#1801726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1801726", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1732", url: "https://www.cve.org/CVERecord?id=CVE-2020-1732", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1732", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1732", }, ], release_date: "2020-02-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Soteria: security identity corruption across concurrent threads", }, { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, { acknowledgments: [ { names: [ "Steve Zapantis", "Robert Roberson", "taktakdb4g", ], }, ], cve: "CVE-2020-1745", cwe: { id: "CWE-285", name: "Improper Authorization", }, discovery_date: "2020-02-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1807305", }, ], notes: [ { category: "description", text: "A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution.", title: "Vulnerability description", }, { category: "summary", text: "undertow: AJP File Read/Inclusion Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1938", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1745", }, { category: "external", summary: "RHBZ#1807305", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1807305", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1745", url: "https://www.cve.org/CVERecord?id=CVE-2020-1745", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1745", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1745", }, { category: "external", summary: "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", url: "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", }, { category: "external", summary: "https://www.cnvd.org.cn/webinfo/show/5415", url: "https://www.cnvd.org.cn/webinfo/show/5415", }, { category: "external", summary: "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", url: "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", }, ], release_date: "2020-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "undertow: AJP File Read/Inclusion Vulnerability", }, { acknowledgments: [ { names: [ "Fedorov Oleksii", "Keitaro Yamazaki", "Shiga Ryota", ], organization: "LINE Corporation", }, ], cve: "CVE-2020-1757", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2019-09-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1752770", }, ], notes: [ { category: "description", text: "A flaw was found in Undertow, where the servlet container causes the servletPath to normalize incorrectly by truncating the path after the semicolon. The flaw may lead to application mapping, resulting in a security bypass.", title: "Vulnerability description", }, { category: "summary", text: "undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1757", }, { category: "external", summary: "RHBZ#1752770", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1752770", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1757", url: "https://www.cve.org/CVERecord?id=CVE-2020-1757", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1757", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1757", }, ], release_date: "2018-12-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "The issue can be mitigated by configuring UrlPathHelper to ignore the servletPath via setting \"alwaysUseFullPath\".", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass", }, { acknowledgments: [ { names: [ "An Trinh", ], }, ], cve: "CVE-2020-6950", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2019-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805006", }, ], notes: [ { category: "description", text: "A flaw was found in Eclipse Mojarra before version 2.3.14, where it is vulnerable to a path traversal flaw via the loc parameter or the con parameter. An attacker could exploit this flaw to read arbitrary files.", title: "Vulnerability description", }, { category: "summary", text: "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-6950", }, { category: "external", summary: "RHBZ#1805006", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805006", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-6950", url: "https://www.cve.org/CVERecord?id=CVE-2020-6950", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-6950", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-6950", }, { category: "external", summary: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943", url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943", }, { category: "external", summary: "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24", url: "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24", }, { category: "external", summary: "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741", url: "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741", }, { category: "external", summary: "https://github.com/eclipse-ee4j/mojarra/issues/4571", url: "https://github.com/eclipse-ee4j/mojarra/issues/4571", }, { category: "external", summary: "https://github.com/javaserverfaces/mojarra/issues/4364", url: "https://github.com/javaserverfaces/mojarra/issues/4364", }, ], release_date: "2020-02-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "There is no currently known mitigation for this flaw.", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371", }, { cve: "CVE-2020-10688", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-03-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1814974", }, ], notes: [ { category: "description", text: "A cross-site scripting (XSS) flaw was found in RESTEasy, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.", title: "Vulnerability description", }, { category: "summary", text: "RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10688", }, { category: "external", summary: "RHBZ#1814974", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1814974", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10688", url: "https://www.cve.org/CVERecord?id=CVE-2020-10688", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10688", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10688", }, { category: "external", summary: "https://github.com/quarkusio/quarkus/issues/7248", url: "https://github.com/quarkusio/quarkus/issues/7248", }, { category: "external", summary: "https://issues.redhat.com/browse/RESTEASY-2519", url: "https://issues.redhat.com/browse/RESTEASY-2519", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack", }, { cve: "CVE-2020-10705", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2020-02-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1803241", }, ], notes: [ { category: "description", text: "A flaw was discovered in Undertow where certain requests to the \"Expect: 100-continue\" header may cause an out of memory error. This flaw may potentially lead to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "undertow: Memory exhaustion issue in HttpReadListener via \"Expect: 100-continue\" header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10705", }, { category: "external", summary: "RHBZ#1803241", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1803241", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10705", url: "https://www.cve.org/CVERecord?id=CVE-2020-10705", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10705", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10705", }, ], release_date: "2020-05-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "There is currently no known mitigation for this security flaw.", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "undertow: Memory exhaustion issue in HttpReadListener via \"Expect: 100-continue\" header", }, { acknowledgments: [ { names: [ "ZeddYu", ], }, ], cve: "CVE-2020-10719", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-02-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1828459", }, ], notes: [ { category: "description", text: "A flaw was found in Undertow, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.", title: "Vulnerability description", }, { category: "summary", text: "undertow: invalid HTTP request with large chunk size", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10719", }, { category: "external", summary: "RHBZ#1828459", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1828459", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10719", url: "https://www.cve.org/CVERecord?id=CVE-2020-10719", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10719", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10719", }, ], release_date: "2020-05-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "undertow: invalid HTTP request with large chunk size", }, ], }
rhsa-2020:0947
Vulnerability from csaf_redhat
Published
2020-03-23 20:12
Modified
2024-11-15 06:08
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 8
Notes
Topic
New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0947", url: "https://access.redhat.com/errata/RHSA-2020:0947", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", url: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "KEYCLOAK-12381", url: "https://issues.redhat.com/browse/KEYCLOAK-12381", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0947.json", }, ], title: "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 8", tracking: { current_release_date: "2024-11-15T06:08:48+00:00", generator: { date: "2024-11-15T06:08:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0947", initial_release_date: "2020-03-23T20:12:30+00:00", revision_history: [ { date: "2020-03-23T20:12:30+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-23T20:12:30+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T06:08:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Single Sign-On 7.3 for RHEL 8", product: { name: "Red Hat Single Sign-On 7.3 for RHEL 8", product_id: "8Base-RHSSO-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:red_hat_single_sign_on:7::el8", }, }, }, ], category: "product_family", name: "Red Hat Single Sign-On", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el8sso?arch=noarch", }, }, }, { category: "product_version", name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product_id: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak-server@4.8.18-1.Final_redhat_00001.1.el8sso?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el8sso?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 8", product_id: "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", relates_to_product_reference: "8Base-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src as a component of Red Hat Single Sign-On 7.3 for RHEL 8", product_id: "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", relates_to_product_reference: "8Base-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 8", product_id: "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", }, product_reference: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", relates_to_product_reference: "8Base-RHSSO-7.3", }, ], }, vulnerabilities: [ { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:12:30+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0947", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, ], }
rhsa-2020_0946
Vulnerability from csaf_redhat
Published
2020-03-23 20:12
Modified
2024-11-15 06:09
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 7
Notes
Topic
New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0946", url: "https://access.redhat.com/errata/RHSA-2020:0946", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", url: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "KEYCLOAK-12380", url: "https://issues.redhat.com/browse/KEYCLOAK-12380", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0946.json", }, ], title: "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 7", tracking: { current_release_date: "2024-11-15T06:09:55+00:00", generator: { date: "2024-11-15T06:09:55+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0946", initial_release_date: "2020-03-23T20:12:18+00:00", revision_history: [ { date: "2020-03-23T20:12:18+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-23T20:12:18+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T06:09:55+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Single Sign-On 7.3 for RHEL 7 Server", product: { name: "Red Hat Single Sign-On 7.3 for RHEL 7 Server", product_id: "7Server-RHSSO-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:red_hat_single_sign_on:7::el7", }, }, }, ], category: "product_family", name: "Red Hat Single Sign-On", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el7sso?arch=noarch", }, }, }, { category: "product_version", name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product_id: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak-server@4.8.18-1.Final_redhat_00001.1.el7sso?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el7sso?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", product_id: "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", relates_to_product_reference: "7Server-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", product_id: "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", relates_to_product_reference: "7Server-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", product_id: "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", }, product_reference: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", relates_to_product_reference: "7Server-RHSSO-7.3", }, ], }, vulnerabilities: [ { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:12:18+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0946", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, ], }
rhsa-2020_0951
Vulnerability from csaf_redhat
Published
2020-03-23 20:13
Modified
2024-12-08 11:15
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update
Notes
Topic
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)
* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)
* commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)
* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)
* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)
* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)
* netty: HTTP request smuggling (CVE-2019-20444)
* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)
* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)\n\n* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)\n\n* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)\n\n* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0951", url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso&downloadType=securityPatches&version=7.3", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso&downloadType=securityPatches&version=7.3", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", url: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", }, { category: "external", summary: "1764607", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764607", }, { category: "external", summary: "1764612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764612", }, { category: "external", summary: "1764658", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764658", }, { category: "external", summary: "1767483", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1767483", }, { category: "external", summary: "1770615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1770615", }, { category: "external", summary: "1772008", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1772008", }, { category: "external", summary: "1793154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1793154", }, { category: "external", summary: "1796225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796225", }, { category: "external", summary: "1798509", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1798509", }, { category: "external", summary: "1798524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1798524", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0951.json", }, ], title: "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update", tracking: { current_release_date: "2024-12-08T11:15:51+00:00", generator: { date: "2024-12-08T11:15:51+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2020:0951", initial_release_date: "2020-03-23T20:13:32+00:00", revision_history: [ { date: "2020-03-23T20:13:32+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-23T20:13:32+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-08T11:15:51+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Single Sign-On 7.3", product: { name: "Red Hat Single Sign-On 7.3", product_id: "Red Hat Single Sign-On 7.3", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_single_sign_on:7.3", }, }, }, ], category: "product_family", name: "Red Hat Single Sign-On", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2019-0205", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2019-10-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1764612", }, ], notes: [ { category: "description", text: "In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.", title: "Vulnerability description", }, { category: "summary", text: "thrift: Endless loop when feed with specific input data", title: "Vulnerability summary", }, { category: "other", text: "Red Hat OpenStack Platform ships OpenDaylight, which contains a vulnerable version of libthrift. However, OpenDaylight does not expose libthrift in a vulnerable way, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe thrift package in OpenShift Container Platform is installed only in Curator images in the Logging stack. The affected code is included in this package, it's functionality is not used. This vulnerability is therefore rated Low for OpenShift Container Platform.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-0205", }, { category: "external", summary: "RHBZ#1764612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-0205", url: "https://www.cve.org/CVERecord?id=CVE-2019-0205", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-0205", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-0205", }, ], release_date: "2019-10-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "thrift: Endless loop when feed with specific input data", }, { cve: "CVE-2019-0210", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-10-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1764607", }, ], notes: [ { category: "description", text: "In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data.", title: "Vulnerability description", }, { category: "summary", text: "thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol", title: "Vulnerability summary", }, { category: "other", text: "Red Hat OpenStack Platform ships OpenDaylight, which contains a vulnerable version of libthrift. However, OpenDaylight is not affected as this is a Golang specific problem, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe version of thrift delivered in OpenShift Container Platform is not affected by this vulnerability as it does not contain the affected code.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-0210", }, { category: "external", summary: "RHBZ#1764607", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764607", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-0210", url: "https://www.cve.org/CVERecord?id=CVE-2019-0210", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-0210", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-0210", }, ], release_date: "2019-10-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol", }, { cve: "CVE-2019-10086", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2019-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1767483", }, ], notes: [ { category: "description", text: "A flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is not suppressed by default. This flaw allows an attacker to access the classloader.", title: "Vulnerability description", }, { category: "summary", text: "apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10086", }, { category: "external", summary: "RHBZ#1767483", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1767483", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10086", url: "https://www.cve.org/CVERecord?id=CVE-2019-10086", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10086", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10086", }, { category: "external", summary: "https://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt", url: "https://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt", }, ], release_date: "2019-08-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "There is no currently known mitigation for this flaw.", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default", }, { cve: "CVE-2019-12400", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-08-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1764658", }, ], notes: [ { category: "description", text: "In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this implementation might be cached and re-used by Apache Santuario - XML Security for Java, leading to potential security flaws when validating signed documents, etc. The vulnerability affects Apache Santuario - XML Security for Java 2.0.x releases from 2.0.3 and all 2.1.x releases before 2.1.4.", title: "Vulnerability description", }, { category: "summary", text: "xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-12400", }, { category: "external", summary: "RHBZ#1764658", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764658", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-12400", url: "https://www.cve.org/CVERecord?id=CVE-2019-12400", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-12400", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-12400", }, ], release_date: "2019-08-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source", }, { cve: "CVE-2019-14885", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2019-10-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1770615", }, ], notes: [ { category: "description", text: "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property’s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information.", title: "Vulnerability description", }, { category: "summary", text: "EAP: Vault system property security attribute value is revealed on CLI 'reload' command", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14885", }, { category: "external", summary: "RHBZ#1770615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1770615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14885", url: "https://www.cve.org/CVERecord?id=CVE-2019-14885", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", }, ], release_date: "2020-01-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "EAP: Vault system property security attribute value is revealed on CLI 'reload' command", }, { cve: "CVE-2019-14887", cwe: { id: "CWE-757", name: "Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')", }, discovery_date: "2019-11-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1772008", }, ], notes: [ { category: "description", text: "A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. This could lead to a leak of the data being passed over the network.", title: "Vulnerability description", }, { category: "summary", text: "wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14887", }, { category: "external", summary: "RHBZ#1772008", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1772008", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14887", url: "https://www.cve.org/CVERecord?id=CVE-2019-14887", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14887", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14887", }, ], release_date: "2020-03-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "Avoid using an OpenSSL security provider and instead use the default configuration or regular JSSE provider with 'TLS'.", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use", }, { cve: "CVE-2019-20330", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2020-01-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1793154", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: lacks certain net.sf.ehcache blocking", title: "Vulnerability summary", }, { category: "other", text: "While OpenShift Container Platform's elasticsearch plugins do ship the vulnerable component, it doesn't do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-20330", }, { category: "external", summary: "RHBZ#1793154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1793154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-20330", url: "https://www.cve.org/CVERecord?id=CVE-2019-20330", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-20330", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-20330", }, ], release_date: "2020-01-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: lacks certain net.sf.ehcache blocking", }, { cve: "CVE-2019-20444", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-01-30T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1798524", }, ], notes: [ { category: "description", text: "A HTTP smuggling flaw was found in HttpObjectDecoder.java in Netty in versions prior to version 4.1.44. HTTP headers with an invalid fold, in this case CRLF (carriage return, line feed) without being followed by SP (space) or HTAB (horizontal tab), result in situations where headers can be misread. Data integrity is the highest threat with this vulnerability.", title: "Vulnerability description", }, { category: "summary", text: "netty: HTTP request smuggling", title: "Vulnerability summary", }, { category: "other", text: "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch's security team has stated that the previous vulnerability, CVE-2019-16869, does not pose a substantial practical threat to ElasticSearch 6. We agree that these issues would be difficult to exploit on OpenShift Container Platform so we're reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships a vulnerable version of netty embedded in Candlepin. However, the flaw can not be triggered in that context, because HTTP requests are handled by Tomcat, not by netty. A future release may fix this.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-20444", }, { category: "external", summary: "RHBZ#1798524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1798524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-20444", url: "https://www.cve.org/CVERecord?id=CVE-2019-20444", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-20444", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-20444", }, { category: "external", summary: "https://github.com/elastic/elasticsearch/issues/49396", url: "https://github.com/elastic/elasticsearch/issues/49396", }, ], release_date: "2020-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "netty: HTTP request smuggling", }, { cve: "CVE-2019-20445", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-01-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1798509", }, ], notes: [ { category: "description", text: "A flaw was found in Netty before version 4.1.44, where it accepted multiple Content-Length headers and also accepted both Transfer-Encoding, as well as Content-Length headers where it should reject the message under such circumstances. In circumstances where Netty is used in the context of a server, it could result in a viable HTTP smuggling vulnerability.", title: "Vulnerability description", }, { category: "summary", text: "netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header", title: "Vulnerability summary", }, { category: "other", text: "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch's security team has stated that the previous vulnerability, CVE-2019-16869, does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit both these vulnerabilities on OpenShift Container Platform, so we're reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships a vulnerable version of netty embedded in Candlepin. However, the flaw can not be triggered in that context, because HTTP requests are handled by Tomcat, not by netty. A future release may fix this.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-20445", }, { category: "external", summary: "RHBZ#1798509", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1798509", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-20445", url: "https://www.cve.org/CVERecord?id=CVE-2019-20445", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-20445", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-20445", }, ], release_date: "2020-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header", }, { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, { cve: "CVE-2020-7238", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-01-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796225", }, ], notes: [ { category: "description", text: "A flaw was found in Netty, where it mishandles Transfer-Encoding whitespace. This flaw allows HTTP Request Smuggling.", title: "Vulnerability description", }, { category: "summary", text: "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling", title: "Vulnerability summary", }, { category: "other", text: "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch's security team has stated that the previous vulnerability, CVE-2019-16869, does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit both these vulnerabilities on OpenShift Container Platform, so we're reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-7238", }, { category: "external", summary: "RHBZ#1796225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796225", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-7238", url: "https://www.cve.org/CVERecord?id=CVE-2020-7238", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-7238", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-7238", }, { category: "external", summary: "https://netty.io/news/2019/12/18/4-1-44-Final.html", url: "https://netty.io/news/2019/12/18/4-1-44-Final.html", }, ], release_date: "2020-01-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling", }, ], }
RHSA-2020:0951
Vulnerability from csaf_redhat
Published
2020-03-23 20:13
Modified
2025-01-19 19:49
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update
Notes
Topic
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)
* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)
* commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)
* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)
* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)
* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)
* netty: HTTP request smuggling (CVE-2019-20444)
* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)
* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)\n\n* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)\n\n* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)\n\n* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0951", url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso&downloadType=securityPatches&version=7.3", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso&downloadType=securityPatches&version=7.3", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", url: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", }, { category: "external", summary: "1764607", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764607", }, { category: "external", summary: "1764612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764612", }, { category: "external", summary: "1764658", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764658", }, { category: "external", summary: "1767483", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1767483", }, { category: "external", summary: "1770615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1770615", }, { category: "external", summary: "1772008", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1772008", }, { category: "external", summary: "1793154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1793154", }, { category: "external", summary: "1796225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796225", }, { category: "external", summary: "1798509", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1798509", }, { category: "external", summary: "1798524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1798524", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0951.json", }, ], title: "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update", tracking: { current_release_date: "2025-01-19T19:49:05+00:00", generator: { date: "2025-01-19T19:49:05+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.6", }, }, id: "RHSA-2020:0951", initial_release_date: "2020-03-23T20:13:32+00:00", revision_history: [ { date: "2020-03-23T20:13:32+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-23T20:13:32+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-19T19:49:05+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Single Sign-On 7.3", product: { name: "Red Hat Single Sign-On 7.3", product_id: "Red Hat Single Sign-On 7.3", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_single_sign_on:7.3", }, }, }, ], category: "product_family", name: "Red Hat Single Sign-On", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2019-0205", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2019-10-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1764612", }, ], notes: [ { category: "description", text: "In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.", title: "Vulnerability description", }, { category: "summary", text: "thrift: Endless loop when feed with specific input data", title: "Vulnerability summary", }, { category: "other", text: "Red Hat OpenStack Platform ships OpenDaylight, which contains a vulnerable version of libthrift. However, OpenDaylight does not expose libthrift in a vulnerable way, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe thrift package in OpenShift Container Platform is installed only in Curator images in the Logging stack. The affected code is included in this package, it's functionality is not used. This vulnerability is therefore rated Low for OpenShift Container Platform.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-0205", }, { category: "external", summary: "RHBZ#1764612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-0205", url: "https://www.cve.org/CVERecord?id=CVE-2019-0205", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-0205", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-0205", }, ], release_date: "2019-10-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "thrift: Endless loop when feed with specific input data", }, { cve: "CVE-2019-0210", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-10-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1764607", }, ], notes: [ { category: "description", text: "In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data.", title: "Vulnerability description", }, { category: "summary", text: "thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol", title: "Vulnerability summary", }, { category: "other", text: "Red Hat OpenStack Platform ships OpenDaylight, which contains a vulnerable version of libthrift. However, OpenDaylight is not affected as this is a Golang specific problem, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe version of thrift delivered in OpenShift Container Platform is not affected by this vulnerability as it does not contain the affected code.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-0210", }, { category: "external", summary: "RHBZ#1764607", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764607", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-0210", url: "https://www.cve.org/CVERecord?id=CVE-2019-0210", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-0210", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-0210", }, ], release_date: "2019-10-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol", }, { cve: "CVE-2019-10086", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2019-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1767483", }, ], notes: [ { category: "description", text: "A flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is not suppressed by default. This flaw allows an attacker to access the classloader.", title: "Vulnerability description", }, { category: "summary", text: "apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10086", }, { category: "external", summary: "RHBZ#1767483", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1767483", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10086", url: "https://www.cve.org/CVERecord?id=CVE-2019-10086", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10086", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10086", }, { category: "external", summary: "https://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt", url: "https://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt", }, ], release_date: "2019-08-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "There is no currently known mitigation for this flaw.", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default", }, { cve: "CVE-2019-12400", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-08-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1764658", }, ], notes: [ { category: "description", text: "In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this implementation might be cached and re-used by Apache Santuario - XML Security for Java, leading to potential security flaws when validating signed documents, etc. The vulnerability affects Apache Santuario - XML Security for Java 2.0.x releases from 2.0.3 and all 2.1.x releases before 2.1.4.", title: "Vulnerability description", }, { category: "summary", text: "xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-12400", }, { category: "external", summary: "RHBZ#1764658", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1764658", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-12400", url: "https://www.cve.org/CVERecord?id=CVE-2019-12400", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-12400", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-12400", }, ], release_date: "2019-08-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source", }, { cve: "CVE-2019-14885", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2019-10-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1770615", }, ], notes: [ { category: "description", text: "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property’s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information.", title: "Vulnerability description", }, { category: "summary", text: "EAP: Vault system property security attribute value is revealed on CLI 'reload' command", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14885", }, { category: "external", summary: "RHBZ#1770615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1770615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14885", url: "https://www.cve.org/CVERecord?id=CVE-2019-14885", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14885", }, ], release_date: "2020-01-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "EAP: Vault system property security attribute value is revealed on CLI 'reload' command", }, { cve: "CVE-2019-14887", cwe: { id: "CWE-757", name: "Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')", }, discovery_date: "2019-11-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1772008", }, ], notes: [ { category: "description", text: "A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. This could lead to a leak of the data being passed over the network.", title: "Vulnerability description", }, { category: "summary", text: "wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14887", }, { category: "external", summary: "RHBZ#1772008", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1772008", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14887", url: "https://www.cve.org/CVERecord?id=CVE-2019-14887", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14887", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14887", }, ], release_date: "2020-03-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "Avoid using an OpenSSL security provider and instead use the default configuration or regular JSSE provider with 'TLS'.", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use", }, { cve: "CVE-2019-20330", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2020-01-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1793154", }, ], notes: [ { category: "description", text: "FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: lacks certain net.sf.ehcache blocking", title: "Vulnerability summary", }, { category: "other", text: "While OpenShift Container Platform's elasticsearch plugins do ship the vulnerable component, it doesn't do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-20330", }, { category: "external", summary: "RHBZ#1793154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1793154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-20330", url: "https://www.cve.org/CVERecord?id=CVE-2019-20330", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-20330", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-20330", }, ], release_date: "2020-01-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: lacks certain net.sf.ehcache blocking", }, { cve: "CVE-2019-20444", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-01-30T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1798524", }, ], notes: [ { category: "description", text: "A HTTP smuggling flaw was found in HttpObjectDecoder.java in Netty in versions prior to version 4.1.44. HTTP headers with an invalid fold, in this case CRLF (carriage return, line feed) without being followed by SP (space) or HTAB (horizontal tab), result in situations where headers can be misread. Data integrity is the highest threat with this vulnerability.", title: "Vulnerability description", }, { category: "summary", text: "netty: HTTP request smuggling", title: "Vulnerability summary", }, { category: "other", text: "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch's security team has stated that the previous vulnerability, CVE-2019-16869, does not pose a substantial practical threat to ElasticSearch 6. We agree that these issues would be difficult to exploit on OpenShift Container Platform so we're reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships a vulnerable version of netty embedded in Candlepin. However, the flaw can not be triggered in that context, because HTTP requests are handled by Tomcat, not by netty. A future release may fix this.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-20444", }, { category: "external", summary: "RHBZ#1798524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1798524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-20444", url: "https://www.cve.org/CVERecord?id=CVE-2019-20444", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-20444", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-20444", }, { category: "external", summary: "https://github.com/elastic/elasticsearch/issues/49396", url: "https://github.com/elastic/elasticsearch/issues/49396", }, ], release_date: "2020-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "netty: HTTP request smuggling", }, { cve: "CVE-2019-20445", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-01-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1798509", }, ], notes: [ { category: "description", text: "A flaw was found in Netty before version 4.1.44, where it accepted multiple Content-Length headers and also accepted both Transfer-Encoding, as well as Content-Length headers where it should reject the message under such circumstances. In circumstances where Netty is used in the context of a server, it could result in a viable HTTP smuggling vulnerability.", title: "Vulnerability description", }, { category: "summary", text: "netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header", title: "Vulnerability summary", }, { category: "other", text: "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch's security team has stated that the previous vulnerability, CVE-2019-16869, does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit both these vulnerabilities on OpenShift Container Platform, so we're reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships a vulnerable version of netty embedded in Candlepin. However, the flaw can not be triggered in that context, because HTTP requests are handled by Tomcat, not by netty. A future release may fix this.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-20445", }, { category: "external", summary: "RHBZ#1798509", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1798509", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-20445", url: "https://www.cve.org/CVERecord?id=CVE-2019-20445", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-20445", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-20445", }, ], release_date: "2020-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header", }, { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, { cve: "CVE-2020-7238", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-01-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796225", }, ], notes: [ { category: "description", text: "A flaw was found in Netty, where it mishandles Transfer-Encoding whitespace. This flaw allows HTTP Request Smuggling.", title: "Vulnerability description", }, { category: "summary", text: "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling", title: "Vulnerability summary", }, { category: "other", text: "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch's security team has stated that the previous vulnerability, CVE-2019-16869, does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit both these vulnerabilities on OpenShift Container Platform, so we're reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Single Sign-On 7.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-7238", }, { category: "external", summary: "RHBZ#1796225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796225", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-7238", url: "https://www.cve.org/CVERecord?id=CVE-2020-7238", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-7238", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-7238", }, { category: "external", summary: "https://netty.io/news/2019/12/18/4-1-44-Final.html", url: "https://netty.io/news/2019/12/18/4-1-44-Final.html", }, ], release_date: "2020-01-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:13:32+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Single Sign-On 7.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "workaround", details: "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", product_ids: [ "Red Hat Single Sign-On 7.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "Red Hat Single Sign-On 7.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling", }, ], }
rhsa-2020_0945
Vulnerability from csaf_redhat
Published
2020-03-23 20:12
Modified
2024-11-15 06:09
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 6
Notes
Topic
New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0945", url: "https://access.redhat.com/errata/RHSA-2020:0945", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", url: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "KEYCLOAK-12379", url: "https://issues.redhat.com/browse/KEYCLOAK-12379", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0945.json", }, ], title: "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 6", tracking: { current_release_date: "2024-11-15T06:09:48+00:00", generator: { date: "2024-11-15T06:09:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0945", initial_release_date: "2020-03-23T20:12:56+00:00", revision_history: [ { date: "2020-03-23T20:12:56+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-23T20:12:56+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T06:09:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Single Sign-On 7.3 for RHEL 6 Server", product: { name: "Red Hat Single Sign-On 7.3 for RHEL 6 Server", product_id: "6Server-RHSSO-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:red_hat_single_sign_on:7::el6", }, }, }, ], category: "product_family", name: "Red Hat Single Sign-On", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el6sso?arch=noarch", }, }, }, { category: "product_version", name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product_id: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak-server@4.8.18-1.Final_redhat_00001.1.el6sso?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el6sso?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 6 Server", product_id: "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", relates_to_product_reference: "6Server-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src as a component of Red Hat Single Sign-On 7.3 for RHEL 6 Server", product_id: "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", relates_to_product_reference: "6Server-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 6 Server", product_id: "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", }, product_reference: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", relates_to_product_reference: "6Server-RHSSO-7.3", }, ], }, vulnerabilities: [ { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:12:56+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0945", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, ], }
RHSA-2020:0946
Vulnerability from csaf_redhat
Published
2020-03-23 20:12
Modified
2024-11-15 06:09
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 7
Notes
Topic
New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0946", url: "https://access.redhat.com/errata/RHSA-2020:0946", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", url: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "KEYCLOAK-12380", url: "https://issues.redhat.com/browse/KEYCLOAK-12380", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0946.json", }, ], title: "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 7", tracking: { current_release_date: "2024-11-15T06:09:55+00:00", generator: { date: "2024-11-15T06:09:55+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0946", initial_release_date: "2020-03-23T20:12:18+00:00", revision_history: [ { date: "2020-03-23T20:12:18+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-23T20:12:18+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T06:09:55+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Single Sign-On 7.3 for RHEL 7 Server", product: { name: "Red Hat Single Sign-On 7.3 for RHEL 7 Server", product_id: "7Server-RHSSO-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:red_hat_single_sign_on:7::el7", }, }, }, ], category: "product_family", name: "Red Hat Single Sign-On", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el7sso?arch=noarch", }, }, }, { category: "product_version", name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product_id: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak-server@4.8.18-1.Final_redhat_00001.1.el7sso?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el7sso?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", product_id: "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", relates_to_product_reference: "7Server-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", product_id: "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", relates_to_product_reference: "7Server-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", product_id: "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", }, product_reference: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", relates_to_product_reference: "7Server-RHSSO-7.3", }, ], }, vulnerabilities: [ { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:12:18+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0946", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, ], }
rhsa-2020_2252
Vulnerability from csaf_redhat
Published
2020-06-01 15:32
Modified
2024-11-15 06:11
Summary
Red Hat Security Advisory: Red Hat support for Spring Boot 2.2.6 security and bug fix update
Notes
Topic
An update is now available for Red Hat OpenShift Application Runtimes.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.
This release of Red Hat support for Spring Boot 2.2.6 serves as a replacement for Red Hat support for Spring Boot 2.1.13, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* keycloak: security issue on reset credential flow (CVE-2020-1718)
* keycloak: stored XSS in client settings via application links (CVE-2020-1697)
* keycloak: missing input validation in IDP authorization URLs (CVE-2020-1727)
* keycloak: Password leak by logged exception in HttpMethod class (CVE-2020-1698)
* keycloak: problem with privacy after user logout (CVE-2020-1724)
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat OpenShift Application Runtimes.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.\n\nThis release of Red Hat support for Spring Boot 2.2.6 serves as a replacement for Red Hat support for Spring Boot 2.1.13, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* keycloak: security issue on reset credential flow (CVE-2020-1718)\n\n* keycloak: stored XSS in client settings via application links (CVE-2020-1697)\n\n* keycloak: missing input validation in IDP authorization URLs (CVE-2020-1727)\n\n* keycloak: Password leak by logged exception in HttpMethod class (CVE-2020-1698)\n\n* keycloak: problem with privacy after user logout (CVE-2020-1724)\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:2252", url: "https://access.redhat.com/errata/RHSA-2020:2252", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.spring.boot&version=2.2.6", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.spring.boot&version=2.2.6", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/", url: "https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/", }, { category: "external", summary: "1790292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1790292", }, { category: "external", summary: "1791538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1791538", }, { category: "external", summary: "1796756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796756", }, { category: "external", summary: "1800527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800527", }, { category: "external", summary: "1800573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800573", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2252.json", }, ], title: "Red Hat Security Advisory: Red Hat support for Spring Boot 2.2.6 security and bug fix update", tracking: { current_release_date: "2024-11-15T06:11:06+00:00", generator: { date: "2024-11-15T06:11:06+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:2252", initial_release_date: "2020-06-01T15:32:19+00:00", revision_history: [ { date: "2020-06-01T15:32:19+00:00", number: "1", summary: "Initial version", }, { date: "2020-06-01T15:32:19+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T06:11:06+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Runtimes Spring Boot 2.2.6", product: { name: "Red Hat Runtimes Spring Boot 2.2.6", product_id: "Red Hat Runtimes Spring Boot 2.2.6", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_application_runtimes:1.0", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Application Runtimes", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Cure53 Berlin", ], }, ], cve: "CVE-2020-1697", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1791538", }, ], notes: [ { category: "description", text: "A flaw was found during the assessment of the Admin Console application for Keycloak, where it was found that Application Links to external applications are not validated properly. An attacker could use this flaw to cause Stored XSS attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: stored XSS in client settings via application links", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1697", }, { category: "external", summary: "RHBZ#1791538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1791538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1697", url: "https://www.cve.org/CVERecord?id=CVE-2020-1697", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1697", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1697", }, ], release_date: "2020-02-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: stored XSS in client settings via application links", }, { acknowledgments: [ { names: [ "Tobias Friedrich", ], }, ], cve: "CVE-2020-1698", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1790292", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: Password leak by logged exception in HttpMethod class", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1698", }, { category: "external", summary: "RHBZ#1790292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1790292", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1698", url: "https://www.cve.org/CVERecord?id=CVE-2020-1698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1698", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1698", }, ], release_date: "2020-05-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: Password leak by logged exception in HttpMethod class", }, { cve: "CVE-2020-1718", cwe: { id: "CWE-287", name: "Improper Authentication", }, discovery_date: "2020-01-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796756", }, ], notes: [ { category: "description", text: "A flaw was found in the reset credential flow in Keycloak. This flaw allows an attacker to gain unauthorized access to the application.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: security issue on reset credential flow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1718", }, { category: "external", summary: "RHBZ#1796756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796756", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1718", url: "https://www.cve.org/CVERecord?id=CVE-2020-1718", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1718", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1718", }, ], release_date: "2020-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, { category: "workaround", details: "Disable reset credential flow.", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak: security issue on reset credential flow", }, { acknowledgments: [ { names: [ "Francesco Cusinato", ], }, ], cve: "CVE-2020-1724", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, discovery_date: "2020-02-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1800527", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak. This flaw allows a malicious user that is currently logged in, to see the personal information of a previously logged out user in the account manager section.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: problem with privacy after user logout", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1724", }, { category: "external", summary: "RHBZ#1800527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800527", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1724", url: "https://www.cve.org/CVERecord?id=CVE-2020-1724", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1724", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1724", }, ], release_date: "2020-05-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: problem with privacy after user logout", }, { acknowledgments: [ { names: [ "Sebastian Moritz", ], organization: "Cure53", }, ], cve: "CVE-2020-1727", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2020-02-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1800573", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: missing input validation in IDP authorization URLs", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1727", }, { category: "external", summary: "RHBZ#1800573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1727", url: "https://www.cve.org/CVERecord?id=CVE-2020-1727", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1727", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1727", }, ], release_date: "2020-05-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: missing input validation in IDP authorization URLs", }, { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, ], }
rhsa-2020:2905
Vulnerability from csaf_redhat
Published
2020-07-23 07:03
Modified
2025-03-16 05:26
Summary
Red Hat Security Advisory: Red Hat build of Thorntail 2.7.0 security and bug fix update
Notes
Topic
An update is now available for Red Hat build of Thorntail.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details
This release of Red Hat build of Thorntail 2.7.0 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section.
Security Fix(es):
* Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain (CVE-2020-1719)
* cxf: reflected XSS in the services listing page (CVE-2019-17573)
* undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)
* Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)
* resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)
* undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass (CVE-2020-1757)
* keycloak: stored XSS in client settings via application links (CVE-2020-1697)
* keycloak: problem with privacy after user logout (CVE-2020-1724)
* keycloak: Password leak by logged exception in HttpMethod class (CVE-2020-1698)
* cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12423)
* Soteria: security identity corruption across concurrent threads (CVE-2020-1732)
* keycloak: missing input validation in IDP authorization URLs (CVE-2020-1727)
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
* keycloak: security issue on reset credential flow (CVE-2020-1718)
* keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution (CVE-2020-1714)
* RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack (CVE-2020-10688)
* undertow: invalid HTTP request with large chunk size (CVE-2020-10719)
* undertow: Memory exhaustion issue in HttpReadListener via "Expect: 100- continue" header (CVE-2020-10705)
For more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat build of Thorntail.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat build of Thorntail 2.7.0 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain (CVE-2020-1719)\n\n* cxf: reflected XSS in the services listing page (CVE-2019-17573)\n\n* undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)\n\n* Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)\n\n* resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)\n\n* undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass (CVE-2020-1757)\n\n* keycloak: stored XSS in client settings via application links (CVE-2020-1697)\n\n* keycloak: problem with privacy after user logout (CVE-2020-1724)\n\n* keycloak: Password leak by logged exception in HttpMethod class (CVE-2020-1698)\n\n* cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12423)\n\n* Soteria: security identity corruption across concurrent threads (CVE-2020-1732)\n\n* keycloak: missing input validation in IDP authorization URLs (CVE-2020-1727)\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\n* keycloak: security issue on reset credential flow (CVE-2020-1718)\n\n* keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution (CVE-2020-1714)\n\n* RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack (CVE-2020-10688)\n\n* undertow: invalid HTTP request with large chunk size (CVE-2020-10719)\n\n* undertow: Memory exhaustion issue in HttpReadListener via \"Expect: 100- continue\" header (CVE-2020-10705)\n\nFor more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:2905", url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.thorntail&version=2.7.0", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.thorntail&version=2.7.0", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_build_of_thorntail/2.7/html/release_notes_for_thorntail_2.7/", url: "https://access.redhat.com/documentation/en-us/red_hat_build_of_thorntail/2.7/html/release_notes_for_thorntail_2.7/", }, { category: "external", summary: "1705975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1705975", }, { category: "external", summary: "1730462", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1730462", }, { category: "external", summary: "1752770", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1752770", }, { category: "external", summary: "1790292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1790292", }, { category: "external", summary: "1791538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1791538", }, { category: "external", summary: "1796617", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796617", }, { category: "external", summary: "1796756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796756", }, { category: "external", summary: "1797006", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1797006", }, { category: "external", summary: "1797011", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1797011", }, { category: "external", summary: "1800527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800527", }, { category: "external", summary: "1800573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800573", }, { category: "external", summary: "1801726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1801726", }, { category: "external", summary: "1803241", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1803241", }, { category: "external", summary: "1805006", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805006", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "1807305", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1807305", }, { category: "external", summary: "1814974", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1814974", }, { category: "external", summary: "1828459", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1828459", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2905.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Thorntail 2.7.0 security and bug fix update", tracking: { current_release_date: "2025-03-16T05:26:27+00:00", generator: { date: "2025-03-16T05:26:27+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2020:2905", initial_release_date: "2020-07-23T07:03:40+00:00", revision_history: [ { date: "2020-07-23T07:03:40+00:00", number: "1", summary: "Initial version", }, { date: "2020-07-23T07:03:40+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-16T05:26:27+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Text-Only RHOAR", product: { name: "Text-Only RHOAR", product_id: "Text-Only RHOAR", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_application_runtimes:1.0", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Application Runtimes", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2019-12423", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2020-01-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1797006", }, ], notes: [ { category: "description", text: "Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter \"rs.security.keystore.type\" to \"jwk\". For this case all keys are returned in this file \"as is\", including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. \"oct\" keys, which contain secret keys, are not returned at all.", title: "Vulnerability description", }, { category: "summary", text: "cxf: OpenId Connect token service does not properly validate the clientId", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-12423", }, { category: "external", summary: "RHBZ#1797006", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1797006", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-12423", url: "https://www.cve.org/CVERecord?id=CVE-2019-12423", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-12423", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-12423", }, ], release_date: "2020-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "cxf: OpenId Connect token service does not properly validate the clientId", }, { cve: "CVE-2019-17573", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1797011", }, ], notes: [ { category: "description", text: "By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploits a feature which is not typically not present in modern browsers, who remove dot segments before sending the request. However, Mobile applications may be vulnerable.", title: "Vulnerability description", }, { category: "summary", text: "cxf: reflected XSS in the services listing page", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17573", }, { category: "external", summary: "RHBZ#1797011", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1797011", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17573", url: "https://www.cve.org/CVERecord?id=CVE-2019-17573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17573", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17573", }, ], release_date: "2020-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "Mitigate this flaw by disabling the service listing altogether; via setting the \"hide-service-list-page\" servlet parameter to \"true\".", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "cxf: reflected XSS in the services listing page", }, { acknowledgments: [ { names: [ "Mirko Selber", ], organization: "Compass Security", }, ], cve: "CVE-2020-1695", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-07-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1730462", }, ], notes: [ { category: "description", text: "A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.", title: "Vulnerability description", }, { category: "summary", text: "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1695", }, { category: "external", summary: "RHBZ#1730462", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1730462", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1695", url: "https://www.cve.org/CVERecord?id=CVE-2020-1695", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1695", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1695", }, ], release_date: "2020-04-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class", }, { acknowledgments: [ { names: [ "Cure53 Berlin", ], }, ], cve: "CVE-2020-1697", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1791538", }, ], notes: [ { category: "description", text: "A flaw was found during the assessment of the Admin Console application for Keycloak, where it was found that Application Links to external applications are not validated properly. An attacker could use this flaw to cause Stored XSS attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: stored XSS in client settings via application links", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1697", }, { category: "external", summary: "RHBZ#1791538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1791538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1697", url: "https://www.cve.org/CVERecord?id=CVE-2020-1697", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1697", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1697", }, ], release_date: "2020-02-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: stored XSS in client settings via application links", }, { acknowledgments: [ { names: [ "Tobias Friedrich", ], }, ], cve: "CVE-2020-1698", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1790292", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: Password leak by logged exception in HttpMethod class", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1698", }, { category: "external", summary: "RHBZ#1790292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1790292", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1698", url: "https://www.cve.org/CVERecord?id=CVE-2020-1698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1698", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1698", }, ], release_date: "2020-05-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: Password leak by logged exception in HttpMethod class", }, { acknowledgments: [ { names: [ "Thomas Darimont", ], }, ], cve: "CVE-2020-1714", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-04-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1705975", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1714", }, { category: "external", summary: "RHBZ#1705975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1705975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1714", url: "https://www.cve.org/CVERecord?id=CVE-2020-1714", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1714", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1714", }, ], release_date: "2020-05-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "There is currently no known mitigation for this issue.", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution", }, { cve: "CVE-2020-1718", cwe: { id: "CWE-287", name: "Improper Authentication", }, discovery_date: "2020-01-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796756", }, ], notes: [ { category: "description", text: "A flaw was found in the reset credential flow in Keycloak. This flaw allows an attacker to gain unauthorized access to the application.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: security issue on reset credential flow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1718", }, { category: "external", summary: "RHBZ#1796756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796756", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1718", url: "https://www.cve.org/CVERecord?id=CVE-2020-1718", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1718", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1718", }, ], release_date: "2020-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "Disable reset credential flow.", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak: security issue on reset credential flow", }, { cve: "CVE-2020-1719", cwe: { id: "CWE-270", name: "Privilege Context Switching Error", }, discovery_date: "2019-08-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796617", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1719", }, { category: "external", summary: "RHBZ#1796617", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796617", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1719", url: "https://www.cve.org/CVERecord?id=CVE-2020-1719", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1719", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1719", }, ], release_date: "2019-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain", }, { acknowledgments: [ { names: [ "Francesco Cusinato", ], }, ], cve: "CVE-2020-1724", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, discovery_date: "2020-02-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1800527", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak. This flaw allows a malicious user that is currently logged in, to see the personal information of a previously logged out user in the account manager section.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: problem with privacy after user logout", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1724", }, { category: "external", summary: "RHBZ#1800527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800527", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1724", url: "https://www.cve.org/CVERecord?id=CVE-2020-1724", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1724", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1724", }, ], release_date: "2020-05-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: problem with privacy after user logout", }, { acknowledgments: [ { names: [ "Sebastian Moritz", ], organization: "Cure53", }, ], cve: "CVE-2020-1727", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2020-02-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1800573", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: missing input validation in IDP authorization URLs", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1727", }, { category: "external", summary: "RHBZ#1800573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1727", url: "https://www.cve.org/CVERecord?id=CVE-2020-1727", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1727", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1727", }, ], release_date: "2020-05-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: missing input validation in IDP authorization URLs", }, { cve: "CVE-2020-1732", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2020-02-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1801726", }, ], notes: [ { category: "description", text: "A flaw was found in WildFly where multiple requests occurring concurrently could be handled using the identity of another request. This vulnerability occurs when using EE Security with WildFly Elytron. The largest threat from this vulnerability is data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "Soteria: security identity corruption across concurrent threads", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1732", }, { category: "external", summary: "RHBZ#1801726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1801726", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1732", url: "https://www.cve.org/CVERecord?id=CVE-2020-1732", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1732", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1732", }, ], release_date: "2020-02-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Soteria: security identity corruption across concurrent threads", }, { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, { acknowledgments: [ { names: [ "Steve Zapantis", "Robert Roberson", "taktakdb4g", ], }, ], cve: "CVE-2020-1745", cwe: { id: "CWE-285", name: "Improper Authorization", }, discovery_date: "2020-02-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1807305", }, ], notes: [ { category: "description", text: "A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution.", title: "Vulnerability description", }, { category: "summary", text: "undertow: AJP File Read/Inclusion Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1938", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1745", }, { category: "external", summary: "RHBZ#1807305", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1807305", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1745", url: "https://www.cve.org/CVERecord?id=CVE-2020-1745", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1745", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1745", }, { category: "external", summary: "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", url: "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", }, { category: "external", summary: "https://www.cnvd.org.cn/webinfo/show/5415", url: "https://www.cnvd.org.cn/webinfo/show/5415", }, { category: "external", summary: "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", url: "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", }, ], release_date: "2020-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "undertow: AJP File Read/Inclusion Vulnerability", }, { acknowledgments: [ { names: [ "Fedorov Oleksii", "Keitaro Yamazaki", "Shiga Ryota", ], organization: "LINE Corporation", }, ], cve: "CVE-2020-1757", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2019-09-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1752770", }, ], notes: [ { category: "description", text: "A flaw was found in Undertow, where the servlet container causes the servletPath to normalize incorrectly by truncating the path after the semicolon. The flaw may lead to application mapping, resulting in a security bypass.", title: "Vulnerability description", }, { category: "summary", text: "undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1757", }, { category: "external", summary: "RHBZ#1752770", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1752770", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1757", url: "https://www.cve.org/CVERecord?id=CVE-2020-1757", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1757", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1757", }, ], release_date: "2018-12-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "The issue can be mitigated by configuring UrlPathHelper to ignore the servletPath via setting \"alwaysUseFullPath\".", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass", }, { acknowledgments: [ { names: [ "An Trinh", ], }, ], cve: "CVE-2020-6950", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2019-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805006", }, ], notes: [ { category: "description", text: "A flaw was found in Eclipse Mojarra before version 2.3.14, where it is vulnerable to a path traversal flaw via the loc parameter or the con parameter. An attacker could exploit this flaw to read arbitrary files.", title: "Vulnerability description", }, { category: "summary", text: "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-6950", }, { category: "external", summary: "RHBZ#1805006", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805006", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-6950", url: "https://www.cve.org/CVERecord?id=CVE-2020-6950", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-6950", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-6950", }, { category: "external", summary: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943", url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943", }, { category: "external", summary: "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24", url: "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24", }, { category: "external", summary: "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741", url: "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741", }, { category: "external", summary: "https://github.com/eclipse-ee4j/mojarra/issues/4571", url: "https://github.com/eclipse-ee4j/mojarra/issues/4571", }, { category: "external", summary: "https://github.com/javaserverfaces/mojarra/issues/4364", url: "https://github.com/javaserverfaces/mojarra/issues/4364", }, ], release_date: "2020-02-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "There is no currently known mitigation for this flaw.", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371", }, { cve: "CVE-2020-10688", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-03-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1814974", }, ], notes: [ { category: "description", text: "A cross-site scripting (XSS) flaw was found in RESTEasy, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.", title: "Vulnerability description", }, { category: "summary", text: "RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10688", }, { category: "external", summary: "RHBZ#1814974", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1814974", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10688", url: "https://www.cve.org/CVERecord?id=CVE-2020-10688", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10688", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10688", }, { category: "external", summary: "https://github.com/quarkusio/quarkus/issues/7248", url: "https://github.com/quarkusio/quarkus/issues/7248", }, { category: "external", summary: "https://issues.redhat.com/browse/RESTEASY-2519", url: "https://issues.redhat.com/browse/RESTEASY-2519", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack", }, { cve: "CVE-2020-10705", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2020-02-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1803241", }, ], notes: [ { category: "description", text: "A flaw was discovered in Undertow where certain requests to the \"Expect: 100-continue\" header may cause an out of memory error. This flaw may potentially lead to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "undertow: Memory exhaustion issue in HttpReadListener via \"Expect: 100-continue\" header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10705", }, { category: "external", summary: "RHBZ#1803241", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1803241", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10705", url: "https://www.cve.org/CVERecord?id=CVE-2020-10705", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10705", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10705", }, ], release_date: "2020-05-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "There is currently no known mitigation for this security flaw.", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "undertow: Memory exhaustion issue in HttpReadListener via \"Expect: 100-continue\" header", }, { acknowledgments: [ { names: [ "ZeddYu", ], }, ], cve: "CVE-2020-10719", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-02-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1828459", }, ], notes: [ { category: "description", text: "A flaw was found in Undertow, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.", title: "Vulnerability description", }, { category: "summary", text: "undertow: invalid HTTP request with large chunk size", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10719", }, { category: "external", summary: "RHBZ#1828459", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1828459", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10719", url: "https://www.cve.org/CVERecord?id=CVE-2020-10719", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10719", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10719", }, ], release_date: "2020-05-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "undertow: invalid HTTP request with large chunk size", }, ], }
RHSA-2020:2252
Vulnerability from csaf_redhat
Published
2020-06-01 15:32
Modified
2025-03-16 05:26
Summary
Red Hat Security Advisory: Red Hat support for Spring Boot 2.2.6 security and bug fix update
Notes
Topic
An update is now available for Red Hat OpenShift Application Runtimes.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.
This release of Red Hat support for Spring Boot 2.2.6 serves as a replacement for Red Hat support for Spring Boot 2.1.13, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* keycloak: security issue on reset credential flow (CVE-2020-1718)
* keycloak: stored XSS in client settings via application links (CVE-2020-1697)
* keycloak: missing input validation in IDP authorization URLs (CVE-2020-1727)
* keycloak: Password leak by logged exception in HttpMethod class (CVE-2020-1698)
* keycloak: problem with privacy after user logout (CVE-2020-1724)
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat OpenShift Application Runtimes.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.\n\nThis release of Red Hat support for Spring Boot 2.2.6 serves as a replacement for Red Hat support for Spring Boot 2.1.13, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* keycloak: security issue on reset credential flow (CVE-2020-1718)\n\n* keycloak: stored XSS in client settings via application links (CVE-2020-1697)\n\n* keycloak: missing input validation in IDP authorization URLs (CVE-2020-1727)\n\n* keycloak: Password leak by logged exception in HttpMethod class (CVE-2020-1698)\n\n* keycloak: problem with privacy after user logout (CVE-2020-1724)\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:2252", url: "https://access.redhat.com/errata/RHSA-2020:2252", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.spring.boot&version=2.2.6", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.spring.boot&version=2.2.6", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/", url: "https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/", }, { category: "external", summary: "1790292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1790292", }, { category: "external", summary: "1791538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1791538", }, { category: "external", summary: "1796756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796756", }, { category: "external", summary: "1800527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800527", }, { category: "external", summary: "1800573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800573", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2252.json", }, ], title: "Red Hat Security Advisory: Red Hat support for Spring Boot 2.2.6 security and bug fix update", tracking: { current_release_date: "2025-03-16T05:26:18+00:00", generator: { date: "2025-03-16T05:26:18+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2020:2252", initial_release_date: "2020-06-01T15:32:19+00:00", revision_history: [ { date: "2020-06-01T15:32:19+00:00", number: "1", summary: "Initial version", }, { date: "2020-06-01T15:32:19+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-16T05:26:18+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Runtimes Spring Boot 2.2.6", product: { name: "Red Hat Runtimes Spring Boot 2.2.6", product_id: "Red Hat Runtimes Spring Boot 2.2.6", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_application_runtimes:1.0", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Application Runtimes", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Cure53 Berlin", ], }, ], cve: "CVE-2020-1697", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1791538", }, ], notes: [ { category: "description", text: "A flaw was found during the assessment of the Admin Console application for Keycloak, where it was found that Application Links to external applications are not validated properly. An attacker could use this flaw to cause Stored XSS attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: stored XSS in client settings via application links", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1697", }, { category: "external", summary: "RHBZ#1791538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1791538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1697", url: "https://www.cve.org/CVERecord?id=CVE-2020-1697", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1697", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1697", }, ], release_date: "2020-02-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: stored XSS in client settings via application links", }, { acknowledgments: [ { names: [ "Tobias Friedrich", ], }, ], cve: "CVE-2020-1698", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1790292", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: Password leak by logged exception in HttpMethod class", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1698", }, { category: "external", summary: "RHBZ#1790292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1790292", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1698", url: "https://www.cve.org/CVERecord?id=CVE-2020-1698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1698", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1698", }, ], release_date: "2020-05-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: Password leak by logged exception in HttpMethod class", }, { cve: "CVE-2020-1718", cwe: { id: "CWE-287", name: "Improper Authentication", }, discovery_date: "2020-01-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796756", }, ], notes: [ { category: "description", text: "A flaw was found in the reset credential flow in Keycloak. This flaw allows an attacker to gain unauthorized access to the application.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: security issue on reset credential flow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1718", }, { category: "external", summary: "RHBZ#1796756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796756", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1718", url: "https://www.cve.org/CVERecord?id=CVE-2020-1718", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1718", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1718", }, ], release_date: "2020-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, { category: "workaround", details: "Disable reset credential flow.", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak: security issue on reset credential flow", }, { acknowledgments: [ { names: [ "Francesco Cusinato", ], }, ], cve: "CVE-2020-1724", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, discovery_date: "2020-02-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1800527", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak. This flaw allows a malicious user that is currently logged in, to see the personal information of a previously logged out user in the account manager section.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: problem with privacy after user logout", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1724", }, { category: "external", summary: "RHBZ#1800527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800527", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1724", url: "https://www.cve.org/CVERecord?id=CVE-2020-1724", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1724", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1724", }, ], release_date: "2020-05-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: problem with privacy after user logout", }, { acknowledgments: [ { names: [ "Sebastian Moritz", ], organization: "Cure53", }, ], cve: "CVE-2020-1727", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2020-02-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1800573", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: missing input validation in IDP authorization URLs", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1727", }, { category: "external", summary: "RHBZ#1800573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1727", url: "https://www.cve.org/CVERecord?id=CVE-2020-1727", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1727", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1727", }, ], release_date: "2020-05-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: missing input validation in IDP authorization URLs", }, { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, ], }
rhsa-2020:0945
Vulnerability from csaf_redhat
Published
2020-03-23 20:12
Modified
2024-11-15 06:09
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 6
Notes
Topic
New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0945", url: "https://access.redhat.com/errata/RHSA-2020:0945", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", url: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "KEYCLOAK-12379", url: "https://issues.redhat.com/browse/KEYCLOAK-12379", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0945.json", }, ], title: "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 6", tracking: { current_release_date: "2024-11-15T06:09:48+00:00", generator: { date: "2024-11-15T06:09:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0945", initial_release_date: "2020-03-23T20:12:56+00:00", revision_history: [ { date: "2020-03-23T20:12:56+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-23T20:12:56+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T06:09:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Single Sign-On 7.3 for RHEL 6 Server", product: { name: "Red Hat Single Sign-On 7.3 for RHEL 6 Server", product_id: "6Server-RHSSO-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:red_hat_single_sign_on:7::el6", }, }, }, ], category: "product_family", name: "Red Hat Single Sign-On", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el6sso?arch=noarch", }, }, }, { category: "product_version", name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product_id: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak-server@4.8.18-1.Final_redhat_00001.1.el6sso?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el6sso?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 6 Server", product_id: "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", relates_to_product_reference: "6Server-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src as a component of Red Hat Single Sign-On 7.3 for RHEL 6 Server", product_id: "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", relates_to_product_reference: "6Server-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 6 Server", product_id: "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", }, product_reference: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", relates_to_product_reference: "6Server-RHSSO-7.3", }, ], }, vulnerabilities: [ { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:12:56+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0945", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, ], }
rhsa-2020:0946
Vulnerability from csaf_redhat
Published
2020-03-23 20:12
Modified
2024-11-15 06:09
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 7
Notes
Topic
New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0946", url: "https://access.redhat.com/errata/RHSA-2020:0946", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", url: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "KEYCLOAK-12380", url: "https://issues.redhat.com/browse/KEYCLOAK-12380", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0946.json", }, ], title: "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 7", tracking: { current_release_date: "2024-11-15T06:09:55+00:00", generator: { date: "2024-11-15T06:09:55+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0946", initial_release_date: "2020-03-23T20:12:18+00:00", revision_history: [ { date: "2020-03-23T20:12:18+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-23T20:12:18+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T06:09:55+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Single Sign-On 7.3 for RHEL 7 Server", product: { name: "Red Hat Single Sign-On 7.3 for RHEL 7 Server", product_id: "7Server-RHSSO-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:red_hat_single_sign_on:7::el7", }, }, }, ], category: "product_family", name: "Red Hat Single Sign-On", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el7sso?arch=noarch", }, }, }, { category: "product_version", name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product_id: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak-server@4.8.18-1.Final_redhat_00001.1.el7sso?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el7sso?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", product_id: "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", relates_to_product_reference: "7Server-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", product_id: "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", relates_to_product_reference: "7Server-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", product_id: "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", }, product_reference: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", relates_to_product_reference: "7Server-RHSSO-7.3", }, ], }, vulnerabilities: [ { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:12:18+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0946", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el7sso.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, ], }
rhsa-2020:2252
Vulnerability from csaf_redhat
Published
2020-06-01 15:32
Modified
2025-03-16 05:26
Summary
Red Hat Security Advisory: Red Hat support for Spring Boot 2.2.6 security and bug fix update
Notes
Topic
An update is now available for Red Hat OpenShift Application Runtimes.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.
This release of Red Hat support for Spring Boot 2.2.6 serves as a replacement for Red Hat support for Spring Boot 2.1.13, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* keycloak: security issue on reset credential flow (CVE-2020-1718)
* keycloak: stored XSS in client settings via application links (CVE-2020-1697)
* keycloak: missing input validation in IDP authorization URLs (CVE-2020-1727)
* keycloak: Password leak by logged exception in HttpMethod class (CVE-2020-1698)
* keycloak: problem with privacy after user logout (CVE-2020-1724)
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat OpenShift Application Runtimes.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.\n\nThis release of Red Hat support for Spring Boot 2.2.6 serves as a replacement for Red Hat support for Spring Boot 2.1.13, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* keycloak: security issue on reset credential flow (CVE-2020-1718)\n\n* keycloak: stored XSS in client settings via application links (CVE-2020-1697)\n\n* keycloak: missing input validation in IDP authorization URLs (CVE-2020-1727)\n\n* keycloak: Password leak by logged exception in HttpMethod class (CVE-2020-1698)\n\n* keycloak: problem with privacy after user logout (CVE-2020-1724)\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:2252", url: "https://access.redhat.com/errata/RHSA-2020:2252", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.spring.boot&version=2.2.6", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.spring.boot&version=2.2.6", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/", url: "https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/", }, { category: "external", summary: "1790292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1790292", }, { category: "external", summary: "1791538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1791538", }, { category: "external", summary: "1796756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796756", }, { category: "external", summary: "1800527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800527", }, { category: "external", summary: "1800573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800573", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2252.json", }, ], title: "Red Hat Security Advisory: Red Hat support for Spring Boot 2.2.6 security and bug fix update", tracking: { current_release_date: "2025-03-16T05:26:18+00:00", generator: { date: "2025-03-16T05:26:18+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2020:2252", initial_release_date: "2020-06-01T15:32:19+00:00", revision_history: [ { date: "2020-06-01T15:32:19+00:00", number: "1", summary: "Initial version", }, { date: "2020-06-01T15:32:19+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-16T05:26:18+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Runtimes Spring Boot 2.2.6", product: { name: "Red Hat Runtimes Spring Boot 2.2.6", product_id: "Red Hat Runtimes Spring Boot 2.2.6", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_application_runtimes:1.0", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Application Runtimes", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Cure53 Berlin", ], }, ], cve: "CVE-2020-1697", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1791538", }, ], notes: [ { category: "description", text: "A flaw was found during the assessment of the Admin Console application for Keycloak, where it was found that Application Links to external applications are not validated properly. An attacker could use this flaw to cause Stored XSS attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: stored XSS in client settings via application links", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1697", }, { category: "external", summary: "RHBZ#1791538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1791538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1697", url: "https://www.cve.org/CVERecord?id=CVE-2020-1697", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1697", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1697", }, ], release_date: "2020-02-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: stored XSS in client settings via application links", }, { acknowledgments: [ { names: [ "Tobias Friedrich", ], }, ], cve: "CVE-2020-1698", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1790292", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: Password leak by logged exception in HttpMethod class", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1698", }, { category: "external", summary: "RHBZ#1790292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1790292", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1698", url: "https://www.cve.org/CVERecord?id=CVE-2020-1698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1698", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1698", }, ], release_date: "2020-05-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: Password leak by logged exception in HttpMethod class", }, { cve: "CVE-2020-1718", cwe: { id: "CWE-287", name: "Improper Authentication", }, discovery_date: "2020-01-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796756", }, ], notes: [ { category: "description", text: "A flaw was found in the reset credential flow in Keycloak. This flaw allows an attacker to gain unauthorized access to the application.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: security issue on reset credential flow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1718", }, { category: "external", summary: "RHBZ#1796756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796756", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1718", url: "https://www.cve.org/CVERecord?id=CVE-2020-1718", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1718", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1718", }, ], release_date: "2020-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, { category: "workaround", details: "Disable reset credential flow.", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak: security issue on reset credential flow", }, { acknowledgments: [ { names: [ "Francesco Cusinato", ], }, ], cve: "CVE-2020-1724", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, discovery_date: "2020-02-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1800527", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak. This flaw allows a malicious user that is currently logged in, to see the personal information of a previously logged out user in the account manager section.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: problem with privacy after user logout", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1724", }, { category: "external", summary: "RHBZ#1800527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800527", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1724", url: "https://www.cve.org/CVERecord?id=CVE-2020-1724", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1724", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1724", }, ], release_date: "2020-05-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: problem with privacy after user logout", }, { acknowledgments: [ { names: [ "Sebastian Moritz", ], organization: "Cure53", }, ], cve: "CVE-2020-1727", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2020-02-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1800573", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: missing input validation in IDP authorization URLs", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1727", }, { category: "external", summary: "RHBZ#1800573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1727", url: "https://www.cve.org/CVERecord?id=CVE-2020-1727", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1727", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1727", }, ], release_date: "2020-05-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: missing input validation in IDP authorization URLs", }, { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-06-01T15:32:19+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat Runtimes Spring Boot 2.2.6", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2252", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "Red Hat Runtimes Spring Boot 2.2.6", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, ], }
rhsa-2020_0947
Vulnerability from csaf_redhat
Published
2020-03-23 20:12
Modified
2024-11-15 06:08
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 8
Notes
Topic
New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0947", url: "https://access.redhat.com/errata/RHSA-2020:0947", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", url: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "KEYCLOAK-12381", url: "https://issues.redhat.com/browse/KEYCLOAK-12381", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0947.json", }, ], title: "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 8", tracking: { current_release_date: "2024-11-15T06:08:48+00:00", generator: { date: "2024-11-15T06:08:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0947", initial_release_date: "2020-03-23T20:12:30+00:00", revision_history: [ { date: "2020-03-23T20:12:30+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-23T20:12:30+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T06:08:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Single Sign-On 7.3 for RHEL 8", product: { name: "Red Hat Single Sign-On 7.3 for RHEL 8", product_id: "8Base-RHSSO-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:red_hat_single_sign_on:7::el8", }, }, }, ], category: "product_family", name: "Red Hat Single Sign-On", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el8sso?arch=noarch", }, }, }, { category: "product_version", name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product_id: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak-server@4.8.18-1.Final_redhat_00001.1.el8sso?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el8sso?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 8", product_id: "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", relates_to_product_reference: "8Base-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src as a component of Red Hat Single Sign-On 7.3 for RHEL 8", product_id: "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", relates_to_product_reference: "8Base-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 8", product_id: "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", }, product_reference: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", relates_to_product_reference: "8Base-RHSSO-7.3", }, ], }, vulnerabilities: [ { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:12:30+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0947", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, ], }
RHSA-2020:0947
Vulnerability from csaf_redhat
Published
2020-03-23 20:12
Modified
2024-11-15 06:08
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 8
Notes
Topic
New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0947", url: "https://access.redhat.com/errata/RHSA-2020:0947", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", url: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "KEYCLOAK-12381", url: "https://issues.redhat.com/browse/KEYCLOAK-12381", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0947.json", }, ], title: "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 8", tracking: { current_release_date: "2024-11-15T06:08:48+00:00", generator: { date: "2024-11-15T06:08:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0947", initial_release_date: "2020-03-23T20:12:30+00:00", revision_history: [ { date: "2020-03-23T20:12:30+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-23T20:12:30+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T06:08:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Single Sign-On 7.3 for RHEL 8", product: { name: "Red Hat Single Sign-On 7.3 for RHEL 8", product_id: "8Base-RHSSO-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:red_hat_single_sign_on:7::el8", }, }, }, ], category: "product_family", name: "Red Hat Single Sign-On", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el8sso?arch=noarch", }, }, }, { category: "product_version", name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product_id: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak-server@4.8.18-1.Final_redhat_00001.1.el8sso?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el8sso?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 8", product_id: "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", relates_to_product_reference: "8Base-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src as a component of Red Hat Single Sign-On 7.3 for RHEL 8", product_id: "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", relates_to_product_reference: "8Base-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 8", product_id: "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", }, product_reference: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", relates_to_product_reference: "8Base-RHSSO-7.3", }, ], }, vulnerabilities: [ { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:12:30+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0947", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el8sso.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, ], }
rhsa-2020_2905
Vulnerability from csaf_redhat
Published
2020-07-23 07:03
Modified
2024-11-15 09:35
Summary
Red Hat Security Advisory: Red Hat build of Thorntail 2.7.0 security and bug fix update
Notes
Topic
An update is now available for Red Hat build of Thorntail.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details
This release of Red Hat build of Thorntail 2.7.0 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section.
Security Fix(es):
* Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain (CVE-2020-1719)
* cxf: reflected XSS in the services listing page (CVE-2019-17573)
* undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)
* Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)
* resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)
* undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass (CVE-2020-1757)
* keycloak: stored XSS in client settings via application links (CVE-2020-1697)
* keycloak: problem with privacy after user logout (CVE-2020-1724)
* keycloak: Password leak by logged exception in HttpMethod class (CVE-2020-1698)
* cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12423)
* Soteria: security identity corruption across concurrent threads (CVE-2020-1732)
* keycloak: missing input validation in IDP authorization URLs (CVE-2020-1727)
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
* keycloak: security issue on reset credential flow (CVE-2020-1718)
* keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution (CVE-2020-1714)
* RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack (CVE-2020-10688)
* undertow: invalid HTTP request with large chunk size (CVE-2020-10719)
* undertow: Memory exhaustion issue in HttpReadListener via "Expect: 100- continue" header (CVE-2020-10705)
For more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat build of Thorntail.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat build of Thorntail 2.7.0 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain (CVE-2020-1719)\n\n* cxf: reflected XSS in the services listing page (CVE-2019-17573)\n\n* undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)\n\n* Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)\n\n* resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)\n\n* undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass (CVE-2020-1757)\n\n* keycloak: stored XSS in client settings via application links (CVE-2020-1697)\n\n* keycloak: problem with privacy after user logout (CVE-2020-1724)\n\n* keycloak: Password leak by logged exception in HttpMethod class (CVE-2020-1698)\n\n* cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12423)\n\n* Soteria: security identity corruption across concurrent threads (CVE-2020-1732)\n\n* keycloak: missing input validation in IDP authorization URLs (CVE-2020-1727)\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\n* keycloak: security issue on reset credential flow (CVE-2020-1718)\n\n* keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution (CVE-2020-1714)\n\n* RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack (CVE-2020-10688)\n\n* undertow: invalid HTTP request with large chunk size (CVE-2020-10719)\n\n* undertow: Memory exhaustion issue in HttpReadListener via \"Expect: 100- continue\" header (CVE-2020-10705)\n\nFor more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:2905", url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.thorntail&version=2.7.0", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.thorntail&version=2.7.0", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_build_of_thorntail/2.7/html/release_notes_for_thorntail_2.7/", url: "https://access.redhat.com/documentation/en-us/red_hat_build_of_thorntail/2.7/html/release_notes_for_thorntail_2.7/", }, { category: "external", summary: "1705975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1705975", }, { category: "external", summary: "1730462", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1730462", }, { category: "external", summary: "1752770", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1752770", }, { category: "external", summary: "1790292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1790292", }, { category: "external", summary: "1791538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1791538", }, { category: "external", summary: "1796617", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796617", }, { category: "external", summary: "1796756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796756", }, { category: "external", summary: "1797006", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1797006", }, { category: "external", summary: "1797011", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1797011", }, { category: "external", summary: "1800527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800527", }, { category: "external", summary: "1800573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800573", }, { category: "external", summary: "1801726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1801726", }, { category: "external", summary: "1803241", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1803241", }, { category: "external", summary: "1805006", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805006", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "1807305", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1807305", }, { category: "external", summary: "1814974", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1814974", }, { category: "external", summary: "1828459", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1828459", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2905.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Thorntail 2.7.0 security and bug fix update", tracking: { current_release_date: "2024-11-15T09:35:53+00:00", generator: { date: "2024-11-15T09:35:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:2905", initial_release_date: "2020-07-23T07:03:40+00:00", revision_history: [ { date: "2020-07-23T07:03:40+00:00", number: "1", summary: "Initial version", }, { date: "2020-07-23T07:03:40+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T09:35:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Text-Only RHOAR", product: { name: "Text-Only RHOAR", product_id: "Text-Only RHOAR", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_application_runtimes:1.0", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Application Runtimes", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2019-12423", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2020-01-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1797006", }, ], notes: [ { category: "description", text: "Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter \"rs.security.keystore.type\" to \"jwk\". For this case all keys are returned in this file \"as is\", including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. \"oct\" keys, which contain secret keys, are not returned at all.", title: "Vulnerability description", }, { category: "summary", text: "cxf: OpenId Connect token service does not properly validate the clientId", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-12423", }, { category: "external", summary: "RHBZ#1797006", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1797006", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-12423", url: "https://www.cve.org/CVERecord?id=CVE-2019-12423", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-12423", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-12423", }, ], release_date: "2020-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "cxf: OpenId Connect token service does not properly validate the clientId", }, { cve: "CVE-2019-17573", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1797011", }, ], notes: [ { category: "description", text: "By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploits a feature which is not typically not present in modern browsers, who remove dot segments before sending the request. However, Mobile applications may be vulnerable.", title: "Vulnerability description", }, { category: "summary", text: "cxf: reflected XSS in the services listing page", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17573", }, { category: "external", summary: "RHBZ#1797011", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1797011", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17573", url: "https://www.cve.org/CVERecord?id=CVE-2019-17573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17573", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17573", }, ], release_date: "2020-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "Mitigate this flaw by disabling the service listing altogether; via setting the \"hide-service-list-page\" servlet parameter to \"true\".", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "cxf: reflected XSS in the services listing page", }, { acknowledgments: [ { names: [ "Mirko Selber", ], organization: "Compass Security", }, ], cve: "CVE-2020-1695", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-07-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1730462", }, ], notes: [ { category: "description", text: "A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.", title: "Vulnerability description", }, { category: "summary", text: "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1695", }, { category: "external", summary: "RHBZ#1730462", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1730462", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1695", url: "https://www.cve.org/CVERecord?id=CVE-2020-1695", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1695", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1695", }, ], release_date: "2020-04-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class", }, { acknowledgments: [ { names: [ "Cure53 Berlin", ], }, ], cve: "CVE-2020-1697", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1791538", }, ], notes: [ { category: "description", text: "A flaw was found during the assessment of the Admin Console application for Keycloak, where it was found that Application Links to external applications are not validated properly. An attacker could use this flaw to cause Stored XSS attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: stored XSS in client settings via application links", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1697", }, { category: "external", summary: "RHBZ#1791538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1791538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1697", url: "https://www.cve.org/CVERecord?id=CVE-2020-1697", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1697", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1697", }, ], release_date: "2020-02-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: stored XSS in client settings via application links", }, { acknowledgments: [ { names: [ "Tobias Friedrich", ], }, ], cve: "CVE-2020-1698", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1790292", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: Password leak by logged exception in HttpMethod class", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1698", }, { category: "external", summary: "RHBZ#1790292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1790292", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1698", url: "https://www.cve.org/CVERecord?id=CVE-2020-1698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1698", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1698", }, ], release_date: "2020-05-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: Password leak by logged exception in HttpMethod class", }, { acknowledgments: [ { names: [ "Thomas Darimont", ], }, ], cve: "CVE-2020-1714", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-04-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1705975", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1714", }, { category: "external", summary: "RHBZ#1705975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1705975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1714", url: "https://www.cve.org/CVERecord?id=CVE-2020-1714", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1714", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1714", }, ], release_date: "2020-05-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "There is currently no known mitigation for this issue.", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution", }, { cve: "CVE-2020-1718", cwe: { id: "CWE-287", name: "Improper Authentication", }, discovery_date: "2020-01-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796756", }, ], notes: [ { category: "description", text: "A flaw was found in the reset credential flow in Keycloak. This flaw allows an attacker to gain unauthorized access to the application.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: security issue on reset credential flow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1718", }, { category: "external", summary: "RHBZ#1796756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796756", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1718", url: "https://www.cve.org/CVERecord?id=CVE-2020-1718", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1718", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1718", }, ], release_date: "2020-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "Disable reset credential flow.", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak: security issue on reset credential flow", }, { cve: "CVE-2020-1719", cwe: { id: "CWE-270", name: "Privilege Context Switching Error", }, discovery_date: "2019-08-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796617", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1719", }, { category: "external", summary: "RHBZ#1796617", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796617", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1719", url: "https://www.cve.org/CVERecord?id=CVE-2020-1719", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1719", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1719", }, ], release_date: "2019-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain", }, { acknowledgments: [ { names: [ "Francesco Cusinato", ], }, ], cve: "CVE-2020-1724", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, discovery_date: "2020-02-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1800527", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak. This flaw allows a malicious user that is currently logged in, to see the personal information of a previously logged out user in the account manager section.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: problem with privacy after user logout", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1724", }, { category: "external", summary: "RHBZ#1800527", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800527", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1724", url: "https://www.cve.org/CVERecord?id=CVE-2020-1724", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1724", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1724", }, ], release_date: "2020-05-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: problem with privacy after user logout", }, { acknowledgments: [ { names: [ "Sebastian Moritz", ], organization: "Cure53", }, ], cve: "CVE-2020-1727", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2020-02-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1800573", }, ], notes: [ { category: "description", text: "A flaw was found in Keycloak, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: missing input validation in IDP authorization URLs", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1727", }, { category: "external", summary: "RHBZ#1800573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1800573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1727", url: "https://www.cve.org/CVERecord?id=CVE-2020-1727", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1727", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1727", }, ], release_date: "2020-05-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: missing input validation in IDP authorization URLs", }, { cve: "CVE-2020-1732", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2020-02-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1801726", }, ], notes: [ { category: "description", text: "A flaw was found in WildFly where multiple requests occurring concurrently could be handled using the identity of another request. This vulnerability occurs when using EE Security with WildFly Elytron. The largest threat from this vulnerability is data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "Soteria: security identity corruption across concurrent threads", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1732", }, { category: "external", summary: "RHBZ#1801726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1801726", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1732", url: "https://www.cve.org/CVERecord?id=CVE-2020-1732", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1732", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1732", }, ], release_date: "2020-02-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Soteria: security identity corruption across concurrent threads", }, { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, { acknowledgments: [ { names: [ "Steve Zapantis", "Robert Roberson", "taktakdb4g", ], }, ], cve: "CVE-2020-1745", cwe: { id: "CWE-285", name: "Improper Authorization", }, discovery_date: "2020-02-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1807305", }, ], notes: [ { category: "description", text: "A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution.", title: "Vulnerability description", }, { category: "summary", text: "undertow: AJP File Read/Inclusion Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1938", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1745", }, { category: "external", summary: "RHBZ#1807305", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1807305", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1745", url: "https://www.cve.org/CVERecord?id=CVE-2020-1745", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1745", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1745", }, { category: "external", summary: "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", url: "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", }, { category: "external", summary: "https://www.cnvd.org.cn/webinfo/show/5415", url: "https://www.cnvd.org.cn/webinfo/show/5415", }, { category: "external", summary: "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", url: "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", }, ], release_date: "2020-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "undertow: AJP File Read/Inclusion Vulnerability", }, { acknowledgments: [ { names: [ "Fedorov Oleksii", "Keitaro Yamazaki", "Shiga Ryota", ], organization: "LINE Corporation", }, ], cve: "CVE-2020-1757", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2019-09-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1752770", }, ], notes: [ { category: "description", text: "A flaw was found in Undertow, where the servlet container causes the servletPath to normalize incorrectly by truncating the path after the semicolon. The flaw may lead to application mapping, resulting in a security bypass.", title: "Vulnerability description", }, { category: "summary", text: "undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1757", }, { category: "external", summary: "RHBZ#1752770", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1752770", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1757", url: "https://www.cve.org/CVERecord?id=CVE-2020-1757", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1757", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1757", }, ], release_date: "2018-12-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "The issue can be mitigated by configuring UrlPathHelper to ignore the servletPath via setting \"alwaysUseFullPath\".", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass", }, { acknowledgments: [ { names: [ "An Trinh", ], }, ], cve: "CVE-2020-6950", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2019-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805006", }, ], notes: [ { category: "description", text: "A flaw was found in Eclipse Mojarra before version 2.3.14, where it is vulnerable to a path traversal flaw via the loc parameter or the con parameter. An attacker could exploit this flaw to read arbitrary files.", title: "Vulnerability description", }, { category: "summary", text: "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-6950", }, { category: "external", summary: "RHBZ#1805006", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805006", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-6950", url: "https://www.cve.org/CVERecord?id=CVE-2020-6950", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-6950", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-6950", }, { category: "external", summary: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943", url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943", }, { category: "external", summary: "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24", url: "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24", }, { category: "external", summary: "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741", url: "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741", }, { category: "external", summary: "https://github.com/eclipse-ee4j/mojarra/issues/4571", url: "https://github.com/eclipse-ee4j/mojarra/issues/4571", }, { category: "external", summary: "https://github.com/javaserverfaces/mojarra/issues/4364", url: "https://github.com/javaserverfaces/mojarra/issues/4364", }, ], release_date: "2020-02-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "There is no currently known mitigation for this flaw.", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371", }, { cve: "CVE-2020-10688", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-03-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1814974", }, ], notes: [ { category: "description", text: "A cross-site scripting (XSS) flaw was found in RESTEasy, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.", title: "Vulnerability description", }, { category: "summary", text: "RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10688", }, { category: "external", summary: "RHBZ#1814974", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1814974", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10688", url: "https://www.cve.org/CVERecord?id=CVE-2020-10688", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10688", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10688", }, { category: "external", summary: "https://github.com/quarkusio/quarkus/issues/7248", url: "https://github.com/quarkusio/quarkus/issues/7248", }, { category: "external", summary: "https://issues.redhat.com/browse/RESTEASY-2519", url: "https://issues.redhat.com/browse/RESTEASY-2519", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack", }, { cve: "CVE-2020-10705", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2020-02-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1803241", }, ], notes: [ { category: "description", text: "A flaw was discovered in Undertow where certain requests to the \"Expect: 100-continue\" header may cause an out of memory error. This flaw may potentially lead to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "undertow: Memory exhaustion issue in HttpReadListener via \"Expect: 100-continue\" header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10705", }, { category: "external", summary: "RHBZ#1803241", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1803241", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10705", url: "https://www.cve.org/CVERecord?id=CVE-2020-10705", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10705", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10705", }, ], release_date: "2020-05-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "workaround", details: "There is currently no known mitigation for this security flaw.", product_ids: [ "Text-Only RHOAR", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "undertow: Memory exhaustion issue in HttpReadListener via \"Expect: 100-continue\" header", }, { acknowledgments: [ { names: [ "ZeddYu", ], }, ], cve: "CVE-2020-10719", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-02-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1828459", }, ], notes: [ { category: "description", text: "A flaw was found in Undertow, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.", title: "Vulnerability description", }, { category: "summary", text: "undertow: invalid HTTP request with large chunk size", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only RHOAR", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10719", }, { category: "external", summary: "RHBZ#1828459", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1828459", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10719", url: "https://www.cve.org/CVERecord?id=CVE-2020-10719", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10719", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10719", }, ], release_date: "2020-05-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-07-23T07:03:40+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Text-Only RHOAR", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2905", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "Text-Only RHOAR", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "undertow: invalid HTTP request with large chunk size", }, ], }
RHSA-2020:0945
Vulnerability from csaf_redhat
Published
2020-03-23 20:12
Modified
2024-11-15 06:09
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 6
Notes
Topic
New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "New Red Hat Single Sign-On 7.3.7 packages are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0945", url: "https://access.redhat.com/errata/RHSA-2020:0945", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", url: "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", }, { category: "external", summary: "1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "KEYCLOAK-12379", url: "https://issues.redhat.com/browse/KEYCLOAK-12379", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0945.json", }, ], title: "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update on RHEL 6", tracking: { current_release_date: "2024-11-15T06:09:48+00:00", generator: { date: "2024-11-15T06:09:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0945", initial_release_date: "2020-03-23T20:12:56+00:00", revision_history: [ { date: "2020-03-23T20:12:56+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-23T20:12:56+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T06:09:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Single Sign-On 7.3 for RHEL 6 Server", product: { name: "Red Hat Single Sign-On 7.3 for RHEL 6 Server", product_id: "6Server-RHSSO-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:red_hat_single_sign_on:7::el6", }, }, }, ], category: "product_family", name: "Red Hat Single Sign-On", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el6sso?arch=noarch", }, }, }, { category: "product_version", name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product_id: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak-server@4.8.18-1.Final_redhat_00001.1.el6sso?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", product: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", product_id: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-sso7-keycloak@4.8.18-1.Final_redhat_00001.1.el6sso?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 6 Server", product_id: "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", relates_to_product_reference: "6Server-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src as a component of Red Hat Single Sign-On 7.3 for RHEL 6 Server", product_id: "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", }, product_reference: "rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", relates_to_product_reference: "6Server-RHSSO-7.3", }, { category: "default_component_of", full_product_name: { name: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 6 Server", product_id: "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", }, product_reference: "rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", relates_to_product_reference: "6Server-RHSSO-7.3", }, ], }, vulnerabilities: [ { cve: "CVE-2020-1744", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805792", }, ], notes: [ { category: "description", text: "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { category: "external", summary: "RHBZ#1805792", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805792", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1744", url: "https://www.cve.org/CVERecord?id=CVE-2020-1744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-23T20:12:56+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0945", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.18-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.18-1.Final_redhat_00001.1.el6sso.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP", }, ], }
opensuse-su-2024:10615-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
ansible-2.9.24-1.2 on GA media
Notes
Title of the patch
ansible-2.9.24-1.2 on GA media
Description of the patch
These are all security issues fixed in the ansible-2.9.24-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10615
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "ansible-2.9.24-1.2 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the ansible-2.9.24-1.2 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-10615", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10615-1.json", }, { category: "self", summary: "SUSE CVE CVE-2016-9587 page", url: "https://www.suse.com/security/cve/CVE-2016-9587/", }, { category: "self", summary: "SUSE CVE CVE-2017-7466 page", url: "https://www.suse.com/security/cve/CVE-2017-7466/", }, { category: "self", summary: "SUSE CVE CVE-2017-7481 page", url: "https://www.suse.com/security/cve/CVE-2017-7481/", }, { category: "self", summary: "SUSE CVE CVE-2017-7550 page", url: "https://www.suse.com/security/cve/CVE-2017-7550/", }, { category: "self", summary: "SUSE CVE CVE-2018-10855 page", url: "https://www.suse.com/security/cve/CVE-2018-10855/", }, { category: "self", summary: "SUSE CVE CVE-2018-10875 page", url: "https://www.suse.com/security/cve/CVE-2018-10875/", }, { category: "self", summary: "SUSE CVE CVE-2018-16837 page", url: "https://www.suse.com/security/cve/CVE-2018-16837/", }, { category: "self", summary: "SUSE CVE CVE-2018-16859 page", url: "https://www.suse.com/security/cve/CVE-2018-16859/", }, { category: "self", summary: "SUSE CVE CVE-2018-16876 page", url: "https://www.suse.com/security/cve/CVE-2018-16876/", }, { category: "self", summary: "SUSE CVE CVE-2019-10156 page", url: "https://www.suse.com/security/cve/CVE-2019-10156/", }, { category: "self", summary: "SUSE CVE CVE-2019-10206 page", url: "https://www.suse.com/security/cve/CVE-2019-10206/", }, { category: "self", summary: "SUSE CVE CVE-2019-10217 page", url: "https://www.suse.com/security/cve/CVE-2019-10217/", }, { category: "self", summary: "SUSE CVE CVE-2019-14846 page", url: "https://www.suse.com/security/cve/CVE-2019-14846/", }, { category: "self", summary: "SUSE CVE CVE-2019-14856 page", url: "https://www.suse.com/security/cve/CVE-2019-14856/", }, { category: "self", summary: "SUSE CVE CVE-2019-14858 page", url: "https://www.suse.com/security/cve/CVE-2019-14858/", }, { category: "self", summary: "SUSE CVE CVE-2019-14864 page", url: "https://www.suse.com/security/cve/CVE-2019-14864/", }, { category: "self", summary: "SUSE CVE CVE-2019-14904 page", url: "https://www.suse.com/security/cve/CVE-2019-14904/", }, { category: "self", summary: "SUSE CVE CVE-2019-14905 page", url: "https://www.suse.com/security/cve/CVE-2019-14905/", }, { category: "self", summary: "SUSE CVE CVE-2019-3828 page", url: "https://www.suse.com/security/cve/CVE-2019-3828/", }, { category: "self", summary: "SUSE CVE CVE-2020-10684 page", url: "https://www.suse.com/security/cve/CVE-2020-10684/", }, { category: "self", summary: "SUSE CVE CVE-2020-10685 page", url: "https://www.suse.com/security/cve/CVE-2020-10685/", }, { category: "self", summary: "SUSE CVE CVE-2020-10691 page", url: "https://www.suse.com/security/cve/CVE-2020-10691/", }, { category: "self", summary: "SUSE CVE CVE-2020-10729 page", url: "https://www.suse.com/security/cve/CVE-2020-10729/", }, { category: "self", summary: "SUSE CVE CVE-2020-14330 page", url: "https://www.suse.com/security/cve/CVE-2020-14330/", }, { category: "self", summary: "SUSE CVE CVE-2020-14332 page", url: "https://www.suse.com/security/cve/CVE-2020-14332/", }, { category: "self", summary: "SUSE CVE CVE-2020-1733 page", url: "https://www.suse.com/security/cve/CVE-2020-1733/", }, { category: "self", summary: "SUSE CVE CVE-2020-1734 page", url: "https://www.suse.com/security/cve/CVE-2020-1734/", }, { category: "self", summary: "SUSE CVE CVE-2020-1735 page", url: "https://www.suse.com/security/cve/CVE-2020-1735/", }, { category: "self", summary: "SUSE CVE CVE-2020-1736 page", url: "https://www.suse.com/security/cve/CVE-2020-1736/", }, { category: "self", summary: "SUSE CVE CVE-2020-1737 page", url: "https://www.suse.com/security/cve/CVE-2020-1737/", }, { category: "self", summary: "SUSE CVE CVE-2020-1738 page", url: "https://www.suse.com/security/cve/CVE-2020-1738/", }, { category: "self", summary: "SUSE CVE CVE-2020-1739 page", url: "https://www.suse.com/security/cve/CVE-2020-1739/", }, { category: "self", summary: "SUSE CVE CVE-2020-1740 page", url: "https://www.suse.com/security/cve/CVE-2020-1740/", }, { category: "self", summary: "SUSE CVE CVE-2020-1744 page", url: "https://www.suse.com/security/cve/CVE-2020-1744/", }, { category: "self", summary: "SUSE CVE CVE-2020-1746 page", url: "https://www.suse.com/security/cve/CVE-2020-1746/", }, { category: "self", summary: "SUSE CVE CVE-2020-1753 page", url: "https://www.suse.com/security/cve/CVE-2020-1753/", }, { category: "self", summary: "SUSE CVE CVE-2021-20178 page", url: "https://www.suse.com/security/cve/CVE-2021-20178/", }, { category: "self", summary: "SUSE CVE CVE-2021-20180 page", url: "https://www.suse.com/security/cve/CVE-2021-20180/", }, { category: "self", summary: "SUSE CVE CVE-2021-20191 page", url: "https://www.suse.com/security/cve/CVE-2021-20191/", }, { category: "self", summary: "SUSE CVE CVE-2021-20228 page", url: "https://www.suse.com/security/cve/CVE-2021-20228/", }, { category: "self", summary: "SUSE CVE CVE-2021-3583 page", url: "https://www.suse.com/security/cve/CVE-2021-3583/", }, ], title: "ansible-2.9.24-1.2 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:10615-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "ansible-2.9.24-1.2.aarch64", product: { name: "ansible-2.9.24-1.2.aarch64", product_id: "ansible-2.9.24-1.2.aarch64", }, }, { category: "product_version", name: "ansible-doc-2.9.24-1.2.aarch64", product: { name: "ansible-doc-2.9.24-1.2.aarch64", product_id: "ansible-doc-2.9.24-1.2.aarch64", }, }, { category: "product_version", name: "ansible-test-2.9.24-1.2.aarch64", product: { name: "ansible-test-2.9.24-1.2.aarch64", product_id: "ansible-test-2.9.24-1.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ansible-2.9.24-1.2.ppc64le", product: { name: "ansible-2.9.24-1.2.ppc64le", product_id: "ansible-2.9.24-1.2.ppc64le", }, }, { category: "product_version", name: "ansible-doc-2.9.24-1.2.ppc64le", product: { name: "ansible-doc-2.9.24-1.2.ppc64le", product_id: "ansible-doc-2.9.24-1.2.ppc64le", }, }, { category: "product_version", name: "ansible-test-2.9.24-1.2.ppc64le", product: { name: "ansible-test-2.9.24-1.2.ppc64le", product_id: "ansible-test-2.9.24-1.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ansible-2.9.24-1.2.s390x", product: { name: "ansible-2.9.24-1.2.s390x", product_id: "ansible-2.9.24-1.2.s390x", }, }, { category: "product_version", name: "ansible-doc-2.9.24-1.2.s390x", product: { name: "ansible-doc-2.9.24-1.2.s390x", product_id: "ansible-doc-2.9.24-1.2.s390x", }, }, { category: "product_version", name: "ansible-test-2.9.24-1.2.s390x", product: { name: "ansible-test-2.9.24-1.2.s390x", product_id: "ansible-test-2.9.24-1.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ansible-2.9.24-1.2.x86_64", product: { name: "ansible-2.9.24-1.2.x86_64", product_id: "ansible-2.9.24-1.2.x86_64", }, }, { category: "product_version", name: "ansible-doc-2.9.24-1.2.x86_64", product: { name: "ansible-doc-2.9.24-1.2.x86_64", product_id: "ansible-doc-2.9.24-1.2.x86_64", }, }, { category: "product_version", name: "ansible-test-2.9.24-1.2.x86_64", product: { name: "ansible-test-2.9.24-1.2.x86_64", product_id: "ansible-test-2.9.24-1.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-2.9.24-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", }, product_reference: "ansible-2.9.24-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-2.9.24-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", }, product_reference: "ansible-2.9.24-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-2.9.24-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", }, product_reference: "ansible-2.9.24-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-2.9.24-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", }, product_reference: "ansible-2.9.24-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.24-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", }, product_reference: "ansible-doc-2.9.24-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.24-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", }, product_reference: "ansible-doc-2.9.24-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.24-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", }, product_reference: "ansible-doc-2.9.24-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.24-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", }, product_reference: "ansible-doc-2.9.24-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-test-2.9.24-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", }, product_reference: "ansible-test-2.9.24-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-test-2.9.24-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", }, product_reference: "ansible-test-2.9.24-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-test-2.9.24-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", }, product_reference: "ansible-test-2.9.24-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-test-2.9.24-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", }, product_reference: "ansible-test-2.9.24-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2016-9587", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-9587", }, ], notes: [ { category: "general", text: "Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-9587", url: "https://www.suse.com/security/cve/CVE-2016-9587", }, { category: "external", summary: "SUSE Bug 1019021 for CVE-2016-9587", url: "https://bugzilla.suse.com/1019021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-9587", }, { cve: "CVE-2017-7466", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7466", }, ], notes: [ { category: "general", text: "Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7466", url: "https://www.suse.com/security/cve/CVE-2017-7466", }, { category: "external", summary: "SUSE Bug 1019021 for CVE-2017-7466", url: "https://bugzilla.suse.com/1019021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7466", }, { cve: "CVE-2017-7481", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7481", }, ], notes: [ { category: "general", text: "Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7481", url: "https://www.suse.com/security/cve/CVE-2017-7481", }, { category: "external", summary: "SUSE Bug 1038785 for CVE-2017-7481", url: "https://bugzilla.suse.com/1038785", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-7481", }, { cve: "CVE-2017-7550", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7550", }, ], notes: [ { category: "general", text: "A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the \"params\" argument, and noting this in the module documentation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7550", url: "https://www.suse.com/security/cve/CVE-2017-7550", }, { category: "external", summary: "SUSE Bug 1035124 for CVE-2017-7550", url: "https://bugzilla.suse.com/1035124", }, { category: "external", summary: "SUSE Bug 1065872 for CVE-2017-7550", url: "https://bugzilla.suse.com/1065872", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7550", }, { cve: "CVE-2018-10855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10855", }, ], notes: [ { category: "general", text: "Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10855", url: "https://www.suse.com/security/cve/CVE-2018-10855", }, { category: "external", summary: "SUSE Bug 1097775 for CVE-2018-10855", url: "https://bugzilla.suse.com/1097775", }, { category: "external", summary: "SUSE Bug 1099808 for CVE-2018-10855", url: "https://bugzilla.suse.com/1099808", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-10855", url: "https://bugzilla.suse.com/1109957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-10855", }, { cve: "CVE-2018-10875", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10875", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10875", url: "https://www.suse.com/security/cve/CVE-2018-10875", }, { category: "external", summary: "SUSE Bug 1099808 for CVE-2018-10875", url: "https://bugzilla.suse.com/1099808", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-10875", url: "https://bugzilla.suse.com/1109957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-10875", }, { cve: "CVE-2018-16837", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16837", }, ], notes: [ { category: "general", text: "Ansible \"User\" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16837", url: "https://www.suse.com/security/cve/CVE-2018-16837", }, { category: "external", summary: "SUSE Bug 1112959 for CVE-2018-16837", url: "https://bugzilla.suse.com/1112959", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-16837", }, { cve: "CVE-2018-16859", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16859", }, ], notes: [ { category: "general", text: "Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16859", url: "https://www.suse.com/security/cve/CVE-2018-16859", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-16859", url: "https://bugzilla.suse.com/1109957", }, { category: "external", summary: "SUSE Bug 1116587 for CVE-2018-16859", url: "https://bugzilla.suse.com/1116587", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-16859", }, { cve: "CVE-2018-16876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16876", }, ], notes: [ { category: "general", text: "ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16876", url: "https://www.suse.com/security/cve/CVE-2018-16876", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-16876", url: "https://bugzilla.suse.com/1109957", }, { category: "external", summary: "SUSE Bug 1118896 for CVE-2018-16876", url: "https://bugzilla.suse.com/1118896", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-16876", }, { cve: "CVE-2019-10156", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10156", }, ], notes: [ { category: "general", text: "A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10156", url: "https://www.suse.com/security/cve/CVE-2019-10156", }, { category: "external", summary: "SUSE Bug 1137528 for CVE-2019-10156", url: "https://bugzilla.suse.com/1137528", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10156", }, { cve: "CVE-2019-10206", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10206", }, ], notes: [ { category: "general", text: "ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10206", url: "https://www.suse.com/security/cve/CVE-2019-10206", }, { category: "external", summary: "SUSE Bug 1142690 for CVE-2019-10206", url: "https://bugzilla.suse.com/1142690", }, { category: "external", summary: "SUSE Bug 1154232 for CVE-2019-10206", url: "https://bugzilla.suse.com/1154232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10206", }, { cve: "CVE-2019-10217", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10217", }, ], notes: [ { category: "general", text: "A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10217", url: "https://www.suse.com/security/cve/CVE-2019-10217", }, { category: "external", summary: "SUSE Bug 1144453 for CVE-2019-10217", url: "https://bugzilla.suse.com/1144453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10217", }, { cve: "CVE-2019-14846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14846", }, ], notes: [ { category: "general", text: "In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14846", url: "https://www.suse.com/security/cve/CVE-2019-14846", }, { category: "external", summary: "SUSE Bug 1153452 for CVE-2019-14846", url: "https://bugzilla.suse.com/1153452", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-14846", }, { cve: "CVE-2019-14856", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14856", }, ], notes: [ { category: "general", text: "ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14856", url: "https://www.suse.com/security/cve/CVE-2019-14856", }, { category: "external", summary: "SUSE Bug 1154232 for CVE-2019-14856", url: "https://bugzilla.suse.com/1154232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-14856", }, { cve: "CVE-2019-14858", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14858", }, ], notes: [ { category: "general", text: "A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14858", url: "https://www.suse.com/security/cve/CVE-2019-14858", }, { category: "external", summary: "SUSE Bug 1154231 for CVE-2019-14858", url: "https://bugzilla.suse.com/1154231", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-14858", }, { cve: "CVE-2019-14864", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14864", }, ], notes: [ { category: "general", text: "Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14864", url: "https://www.suse.com/security/cve/CVE-2019-14864", }, { category: "external", summary: "SUSE Bug 1154830 for CVE-2019-14864", url: "https://bugzilla.suse.com/1154830", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-14864", }, { cve: "CVE-2019-14904", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14904", }, ], notes: [ { category: "general", text: "A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14904", url: "https://www.suse.com/security/cve/CVE-2019-14904", }, { category: "external", summary: "SUSE Bug 1157968 for CVE-2019-14904", url: "https://bugzilla.suse.com/1157968", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-14904", }, { cve: "CVE-2019-14905", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14905", }, ], notes: [ { category: "general", text: "A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14905", url: "https://www.suse.com/security/cve/CVE-2019-14905", }, { category: "external", summary: "SUSE Bug 1157969 for CVE-2019-14905", url: "https://bugzilla.suse.com/1157969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-14905", }, { cve: "CVE-2019-3828", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3828", }, ], notes: [ { category: "general", text: "Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3828", url: "https://www.suse.com/security/cve/CVE-2019-3828", }, { category: "external", summary: "SUSE Bug 1126503 for CVE-2019-3828", url: "https://bugzilla.suse.com/1126503", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2019-3828", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3828", }, { cve: "CVE-2020-10684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10684", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10684", url: "https://www.suse.com/security/cve/CVE-2020-10684", }, { category: "external", summary: "SUSE Bug 1167532 for CVE-2020-10684", url: "https://bugzilla.suse.com/1167532", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-10684", }, { cve: "CVE-2020-10685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10685", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10685", url: "https://www.suse.com/security/cve/CVE-2020-10685", }, { category: "external", summary: "SUSE Bug 1167440 for CVE-2020-10685", url: "https://bugzilla.suse.com/1167440", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10685", }, { cve: "CVE-2020-10691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10691", }, ], notes: [ { category: "general", text: "An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10691", url: "https://www.suse.com/security/cve/CVE-2020-10691", }, { category: "external", summary: "SUSE Bug 1167873 for CVE-2020-10691", url: "https://bugzilla.suse.com/1167873", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10691", }, { cve: "CVE-2020-10729", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10729", }, ], notes: [ { category: "general", text: "A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10729", url: "https://www.suse.com/security/cve/CVE-2020-10729", }, { category: "external", summary: "SUSE Bug 1171162 for CVE-2020-10729", url: "https://bugzilla.suse.com/1171162", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10729", }, { cve: "CVE-2020-14330", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14330", }, ], notes: [ { category: "general", text: "An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14330", url: "https://www.suse.com/security/cve/CVE-2020-14330", }, { category: "external", summary: "SUSE Bug 1174145 for CVE-2020-14330", url: "https://bugzilla.suse.com/1174145", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-14330", }, { cve: "CVE-2020-14332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14332", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14332", url: "https://www.suse.com/security/cve/CVE-2020-14332", }, { category: "external", summary: "SUSE Bug 1174302 for CVE-2020-14332", url: "https://bugzilla.suse.com/1174302", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-14332", }, { cve: "CVE-2020-1733", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1733", }, ], notes: [ { category: "general", text: "A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with \"umask 77 && mkdir -p <dir>\"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1733", url: "https://www.suse.com/security/cve/CVE-2020-1733", }, { category: "external", summary: "SUSE Bug 1164140 for CVE-2020-1733", url: "https://bugzilla.suse.com/1164140", }, { category: "external", summary: "SUSE Bug 1171823 for CVE-2020-1733", url: "https://bugzilla.suse.com/1171823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1733", }, { cve: "CVE-2020-1734", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1734", }, ], notes: [ { category: "general", text: "A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1734", url: "https://www.suse.com/security/cve/CVE-2020-1734", }, { category: "external", summary: "SUSE Bug 1164139 for CVE-2020-1734", url: "https://bugzilla.suse.com/1164139", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-1734", }, { cve: "CVE-2020-1735", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1735", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1735", url: "https://www.suse.com/security/cve/CVE-2020-1735", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2020-1735", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1735", }, { cve: "CVE-2020-1736", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1736", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1736", url: "https://www.suse.com/security/cve/CVE-2020-1736", }, { category: "external", summary: "SUSE Bug 1164134 for CVE-2020-1736", url: "https://bugzilla.suse.com/1164134", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2020-1736", }, { cve: "CVE-2020-1737", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1737", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1737", url: "https://www.suse.com/security/cve/CVE-2020-1737", }, { category: "external", summary: "SUSE Bug 1164138 for CVE-2020-1737", url: "https://bugzilla.suse.com/1164138", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-1737", }, { cve: "CVE-2020-1738", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1738", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1738", url: "https://www.suse.com/security/cve/CVE-2020-1738", }, { category: "external", summary: "SUSE Bug 1164136 for CVE-2020-1738", url: "https://bugzilla.suse.com/1164136", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1738", }, { cve: "CVE-2020-1739", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1739", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1739", url: "https://www.suse.com/security/cve/CVE-2020-1739", }, { category: "external", summary: "SUSE Bug 1164133 for CVE-2020-1739", url: "https://bugzilla.suse.com/1164133", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1739", }, { cve: "CVE-2020-1740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1740", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes \"ansible-vault edit\", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1740", url: "https://www.suse.com/security/cve/CVE-2020-1740", }, { category: "external", summary: "SUSE Bug 1164135 for CVE-2020-1740", url: "https://bugzilla.suse.com/1164135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2020-1740", }, { cve: "CVE-2020-1744", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1744", }, ], notes: [ { category: "general", text: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1744", url: "https://www.suse.com/security/cve/CVE-2020-1744", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1744", }, { cve: "CVE-2020-1746", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1746", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1746", url: "https://www.suse.com/security/cve/CVE-2020-1746", }, { category: "external", summary: "SUSE Bug 1165393 for CVE-2020-1746", url: "https://bugzilla.suse.com/1165393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1746", }, { cve: "CVE-2020-1753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1753", }, ], notes: [ { category: "general", text: "A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1753", url: "https://www.suse.com/security/cve/CVE-2020-1753", }, { category: "external", summary: "SUSE Bug 1166389 for CVE-2020-1753", url: "https://bugzilla.suse.com/1166389", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1753", }, { cve: "CVE-2021-20178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20178", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20178", url: "https://www.suse.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "SUSE Bug 1180816 for CVE-2021-20178", url: "https://bugzilla.suse.com/1180816", }, { category: "external", summary: "SUSE Bug 1186493 for CVE-2021-20178", url: "https://bugzilla.suse.com/1186493", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20178", }, { cve: "CVE-2021-20180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20180", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20180", url: "https://www.suse.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "SUSE Bug 1180942 for CVE-2021-20180", url: "https://bugzilla.suse.com/1180942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20180", }, { cve: "CVE-2021-20191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20191", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20191", url: "https://www.suse.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "SUSE Bug 1181119 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181119", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20191", }, { cve: "CVE-2021-20228", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20228", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20228", url: "https://www.suse.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20228", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20228", }, { cve: "CVE-2021-3583", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3583", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3583", url: "https://www.suse.com/security/cve/CVE-2021-3583", }, { category: "external", summary: "SUSE Bug 1188061 for CVE-2021-3583", url: "https://bugzilla.suse.com/1188061", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-3583", }, ], }
opensuse-su-2024:14244-1
Vulnerability from csaf_opensuse
Published
2024-08-08 00:00
Modified
2024-08-08 00:00
Summary
ansible-9-9.8.0-1.1 on GA media
Notes
Title of the patch
ansible-9-9.8.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the ansible-9-9.8.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14244
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "ansible-9-9.8.0-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the ansible-9-9.8.0-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-14244", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14244-1.json", }, { category: "self", summary: "SUSE CVE CVE-2014-4966 page", url: "https://www.suse.com/security/cve/CVE-2014-4966/", }, { category: "self", summary: "SUSE CVE CVE-2014-4967 page", url: "https://www.suse.com/security/cve/CVE-2014-4967/", }, { category: "self", summary: "SUSE CVE CVE-2015-3908 page", url: "https://www.suse.com/security/cve/CVE-2015-3908/", }, { category: "self", summary: "SUSE CVE CVE-2016-3096 page", url: "https://www.suse.com/security/cve/CVE-2016-3096/", }, { category: "self", summary: "SUSE CVE CVE-2016-9587 page", url: "https://www.suse.com/security/cve/CVE-2016-9587/", }, { category: "self", summary: "SUSE CVE CVE-2017-7466 page", url: "https://www.suse.com/security/cve/CVE-2017-7466/", }, { category: "self", summary: "SUSE CVE CVE-2017-7481 page", url: "https://www.suse.com/security/cve/CVE-2017-7481/", }, { category: "self", summary: "SUSE CVE CVE-2017-7550 page", url: "https://www.suse.com/security/cve/CVE-2017-7550/", }, { category: "self", summary: "SUSE CVE CVE-2018-10855 page", url: "https://www.suse.com/security/cve/CVE-2018-10855/", }, { category: "self", summary: "SUSE CVE CVE-2018-10875 page", url: "https://www.suse.com/security/cve/CVE-2018-10875/", }, { category: "self", summary: "SUSE CVE CVE-2018-16837 page", url: "https://www.suse.com/security/cve/CVE-2018-16837/", }, { category: "self", summary: "SUSE CVE CVE-2018-16859 page", url: "https://www.suse.com/security/cve/CVE-2018-16859/", }, { category: "self", summary: "SUSE CVE CVE-2018-16876 page", url: "https://www.suse.com/security/cve/CVE-2018-16876/", }, { category: "self", summary: "SUSE CVE CVE-2019-10156 page", url: "https://www.suse.com/security/cve/CVE-2019-10156/", }, { category: "self", summary: "SUSE CVE CVE-2019-10206 page", url: "https://www.suse.com/security/cve/CVE-2019-10206/", }, { category: "self", summary: "SUSE CVE CVE-2019-10217 page", url: "https://www.suse.com/security/cve/CVE-2019-10217/", }, { category: "self", summary: "SUSE CVE CVE-2019-14846 page", url: "https://www.suse.com/security/cve/CVE-2019-14846/", }, { category: "self", summary: "SUSE CVE CVE-2019-14856 page", url: "https://www.suse.com/security/cve/CVE-2019-14856/", }, { category: "self", summary: "SUSE CVE CVE-2019-14858 page", url: "https://www.suse.com/security/cve/CVE-2019-14858/", }, { category: "self", summary: "SUSE CVE CVE-2019-14864 page", url: "https://www.suse.com/security/cve/CVE-2019-14864/", }, { category: "self", summary: "SUSE CVE CVE-2019-14904 page", url: "https://www.suse.com/security/cve/CVE-2019-14904/", }, { category: "self", summary: "SUSE CVE CVE-2019-14905 page", url: "https://www.suse.com/security/cve/CVE-2019-14905/", }, { category: "self", summary: "SUSE CVE CVE-2019-3828 page", url: "https://www.suse.com/security/cve/CVE-2019-3828/", }, { category: "self", summary: "SUSE CVE CVE-2020-10684 page", url: "https://www.suse.com/security/cve/CVE-2020-10684/", }, { category: "self", summary: "SUSE CVE CVE-2020-10685 page", url: "https://www.suse.com/security/cve/CVE-2020-10685/", }, { category: "self", summary: "SUSE CVE CVE-2020-10691 page", url: "https://www.suse.com/security/cve/CVE-2020-10691/", }, { category: "self", summary: "SUSE CVE CVE-2020-10729 page", url: "https://www.suse.com/security/cve/CVE-2020-10729/", }, { category: "self", summary: "SUSE CVE CVE-2020-14330 page", url: "https://www.suse.com/security/cve/CVE-2020-14330/", }, { category: "self", summary: "SUSE CVE CVE-2020-14332 page", url: "https://www.suse.com/security/cve/CVE-2020-14332/", }, { category: "self", summary: "SUSE CVE CVE-2020-1733 page", url: "https://www.suse.com/security/cve/CVE-2020-1733/", }, { category: "self", summary: "SUSE CVE CVE-2020-1734 page", url: "https://www.suse.com/security/cve/CVE-2020-1734/", }, { category: "self", summary: "SUSE CVE CVE-2020-1735 page", url: "https://www.suse.com/security/cve/CVE-2020-1735/", }, { category: "self", summary: "SUSE CVE CVE-2020-1736 page", url: "https://www.suse.com/security/cve/CVE-2020-1736/", }, { category: "self", summary: "SUSE CVE CVE-2020-1737 page", url: "https://www.suse.com/security/cve/CVE-2020-1737/", }, { category: "self", summary: "SUSE CVE CVE-2020-1738 page", url: "https://www.suse.com/security/cve/CVE-2020-1738/", }, { category: "self", summary: "SUSE CVE CVE-2020-1739 page", url: "https://www.suse.com/security/cve/CVE-2020-1739/", }, { category: "self", summary: "SUSE CVE CVE-2020-1740 page", url: "https://www.suse.com/security/cve/CVE-2020-1740/", }, { category: "self", summary: "SUSE CVE CVE-2020-1744 page", url: "https://www.suse.com/security/cve/CVE-2020-1744/", }, { category: "self", summary: "SUSE CVE CVE-2020-1746 page", url: "https://www.suse.com/security/cve/CVE-2020-1746/", }, { category: "self", summary: "SUSE CVE CVE-2020-1753 page", url: "https://www.suse.com/security/cve/CVE-2020-1753/", }, { category: "self", summary: "SUSE CVE CVE-2021-20178 page", url: "https://www.suse.com/security/cve/CVE-2021-20178/", }, { category: "self", summary: "SUSE CVE CVE-2021-20180 page", url: "https://www.suse.com/security/cve/CVE-2021-20180/", }, { category: "self", summary: "SUSE CVE CVE-2021-20191 page", url: "https://www.suse.com/security/cve/CVE-2021-20191/", }, { category: "self", summary: "SUSE CVE CVE-2021-20228 page", url: "https://www.suse.com/security/cve/CVE-2021-20228/", }, { category: "self", summary: "SUSE CVE CVE-2021-3583 page", url: "https://www.suse.com/security/cve/CVE-2021-3583/", }, ], title: "ansible-9-9.8.0-1.1 on GA media", tracking: { current_release_date: "2024-08-08T00:00:00Z", generator: { date: "2024-08-08T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:14244-1", initial_release_date: "2024-08-08T00:00:00Z", revision_history: [ { date: "2024-08-08T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "ansible-9-9.8.0-1.1.aarch64", product: { name: "ansible-9-9.8.0-1.1.aarch64", product_id: "ansible-9-9.8.0-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ansible-9-9.8.0-1.1.ppc64le", product: { name: "ansible-9-9.8.0-1.1.ppc64le", product_id: "ansible-9-9.8.0-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ansible-9-9.8.0-1.1.s390x", product: { name: "ansible-9-9.8.0-1.1.s390x", product_id: "ansible-9-9.8.0-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ansible-9-9.8.0-1.1.x86_64", product: { name: "ansible-9-9.8.0-1.1.x86_64", product_id: "ansible-9-9.8.0-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-9-9.8.0-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", }, product_reference: "ansible-9-9.8.0-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-9-9.8.0-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", }, product_reference: "ansible-9-9.8.0-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-9-9.8.0-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", }, product_reference: "ansible-9-9.8.0-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-9-9.8.0-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", }, product_reference: "ansible-9-9.8.0-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2014-4966", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-4966", }, ], notes: [ { category: "general", text: "Ansible before 1.6.7 does not prevent inventory data with \"{{\" and \"lookup\" substrings, and does not prevent remote data with \"{{\" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-4966", url: "https://www.suse.com/security/cve/CVE-2014-4966", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-4966", }, { cve: "CVE-2014-4967", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-4967", }, ], notes: [ { category: "general", text: "Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as demonstrated by a fact with (1) a trailing \" src=\" clause, (2) a trailing \" temp=\" clause, or (3) a trailing \" validate=\" clause accompanied by a shell command.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-4967", url: "https://www.suse.com/security/cve/CVE-2014-4967", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-4967", }, { cve: "CVE-2015-3908", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3908", }, ], notes: [ { category: "general", text: "Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3908", url: "https://www.suse.com/security/cve/CVE-2015-3908", }, { category: "external", summary: "SUSE Bug 938161 for CVE-2015-3908", url: "https://bugzilla.suse.com/938161", }, { category: "external", summary: "SUSE Bug 938399 for CVE-2015-3908", url: "https://bugzilla.suse.com/938399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2015-3908", }, { cve: "CVE-2016-3096", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-3096", }, ], notes: [ { category: "general", text: "The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-3096", url: "https://www.suse.com/security/cve/CVE-2016-3096", }, { category: "external", summary: "SUSE Bug 973546 for CVE-2016-3096", url: "https://bugzilla.suse.com/973546", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2016-3096", }, { cve: "CVE-2016-9587", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-9587", }, ], notes: [ { category: "general", text: "Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-9587", url: "https://www.suse.com/security/cve/CVE-2016-9587", }, { category: "external", summary: "SUSE Bug 1019021 for CVE-2016-9587", url: "https://bugzilla.suse.com/1019021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2016-9587", }, { cve: "CVE-2017-7466", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7466", }, ], notes: [ { category: "general", text: "Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7466", url: "https://www.suse.com/security/cve/CVE-2017-7466", }, { category: "external", summary: "SUSE Bug 1019021 for CVE-2017-7466", url: "https://bugzilla.suse.com/1019021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2017-7466", }, { cve: "CVE-2017-7481", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7481", }, ], notes: [ { category: "general", text: "Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7481", url: "https://www.suse.com/security/cve/CVE-2017-7481", }, { category: "external", summary: "SUSE Bug 1038785 for CVE-2017-7481", url: "https://bugzilla.suse.com/1038785", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-7481", }, { cve: "CVE-2017-7550", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7550", }, ], notes: [ { category: "general", text: "A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the \"params\" argument, and noting this in the module documentation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7550", url: "https://www.suse.com/security/cve/CVE-2017-7550", }, { category: "external", summary: "SUSE Bug 1035124 for CVE-2017-7550", url: "https://bugzilla.suse.com/1035124", }, { category: "external", summary: "SUSE Bug 1065872 for CVE-2017-7550", url: "https://bugzilla.suse.com/1065872", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2017-7550", }, { cve: "CVE-2018-10855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10855", }, ], notes: [ { category: "general", text: "Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10855", url: "https://www.suse.com/security/cve/CVE-2018-10855", }, { category: "external", summary: "SUSE Bug 1097775 for CVE-2018-10855", url: "https://bugzilla.suse.com/1097775", }, { category: "external", summary: "SUSE Bug 1099808 for CVE-2018-10855", url: "https://bugzilla.suse.com/1099808", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-10855", url: "https://bugzilla.suse.com/1109957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-10855", }, { cve: "CVE-2018-10875", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10875", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10875", url: "https://www.suse.com/security/cve/CVE-2018-10875", }, { category: "external", summary: "SUSE Bug 1099808 for CVE-2018-10875", url: "https://bugzilla.suse.com/1099808", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-10875", url: "https://bugzilla.suse.com/1109957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2018-10875", }, { cve: "CVE-2018-16837", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16837", }, ], notes: [ { category: "general", text: "Ansible \"User\" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16837", url: "https://www.suse.com/security/cve/CVE-2018-16837", }, { category: "external", summary: "SUSE Bug 1112959 for CVE-2018-16837", url: "https://bugzilla.suse.com/1112959", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2018-16837", }, { cve: "CVE-2018-16859", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16859", }, ], notes: [ { category: "general", text: "Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16859", url: "https://www.suse.com/security/cve/CVE-2018-16859", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-16859", url: "https://bugzilla.suse.com/1109957", }, { category: "external", summary: "SUSE Bug 1116587 for CVE-2018-16859", url: "https://bugzilla.suse.com/1116587", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-16859", }, { cve: "CVE-2018-16876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16876", }, ], notes: [ { category: "general", text: "ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16876", url: "https://www.suse.com/security/cve/CVE-2018-16876", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-16876", url: "https://bugzilla.suse.com/1109957", }, { category: "external", summary: "SUSE Bug 1118896 for CVE-2018-16876", url: "https://bugzilla.suse.com/1118896", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "low", }, ], title: "CVE-2018-16876", }, { cve: "CVE-2019-10156", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10156", }, ], notes: [ { category: "general", text: "A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10156", url: "https://www.suse.com/security/cve/CVE-2019-10156", }, { category: "external", summary: "SUSE Bug 1137528 for CVE-2019-10156", url: "https://bugzilla.suse.com/1137528", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10156", }, { cve: "CVE-2019-10206", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10206", }, ], notes: [ { category: "general", text: "ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10206", url: "https://www.suse.com/security/cve/CVE-2019-10206", }, { category: "external", summary: "SUSE Bug 1142690 for CVE-2019-10206", url: "https://bugzilla.suse.com/1142690", }, { category: "external", summary: "SUSE Bug 1154232 for CVE-2019-10206", url: "https://bugzilla.suse.com/1154232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10206", }, { cve: "CVE-2019-10217", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10217", }, ], notes: [ { category: "general", text: "A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10217", url: "https://www.suse.com/security/cve/CVE-2019-10217", }, { category: "external", summary: "SUSE Bug 1144453 for CVE-2019-10217", url: "https://bugzilla.suse.com/1144453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10217", }, { cve: "CVE-2019-14846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14846", }, ], notes: [ { category: "general", text: "In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14846", url: "https://www.suse.com/security/cve/CVE-2019-14846", }, { category: "external", summary: "SUSE Bug 1153452 for CVE-2019-14846", url: "https://bugzilla.suse.com/1153452", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "low", }, ], title: "CVE-2019-14846", }, { cve: "CVE-2019-14856", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14856", }, ], notes: [ { category: "general", text: "ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14856", url: "https://www.suse.com/security/cve/CVE-2019-14856", }, { category: "external", summary: "SUSE Bug 1154232 for CVE-2019-14856", url: "https://bugzilla.suse.com/1154232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "low", }, ], title: "CVE-2019-14856", }, { cve: "CVE-2019-14858", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14858", }, ], notes: [ { category: "general", text: "A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14858", url: "https://www.suse.com/security/cve/CVE-2019-14858", }, { category: "external", summary: "SUSE Bug 1154231 for CVE-2019-14858", url: "https://bugzilla.suse.com/1154231", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "low", }, ], title: "CVE-2019-14858", }, { cve: "CVE-2019-14864", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14864", }, ], notes: [ { category: "general", text: "Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14864", url: "https://www.suse.com/security/cve/CVE-2019-14864", }, { category: "external", summary: "SUSE Bug 1154830 for CVE-2019-14864", url: "https://bugzilla.suse.com/1154830", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-14864", }, { cve: "CVE-2019-14904", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14904", }, ], notes: [ { category: "general", text: "A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14904", url: "https://www.suse.com/security/cve/CVE-2019-14904", }, { category: "external", summary: "SUSE Bug 1157968 for CVE-2019-14904", url: "https://bugzilla.suse.com/1157968", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2019-14904", }, { cve: "CVE-2019-14905", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14905", }, ], notes: [ { category: "general", text: "A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14905", url: "https://www.suse.com/security/cve/CVE-2019-14905", }, { category: "external", summary: "SUSE Bug 1157969 for CVE-2019-14905", url: "https://bugzilla.suse.com/1157969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2019-14905", }, { cve: "CVE-2019-3828", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3828", }, ], notes: [ { category: "general", text: "Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3828", url: "https://www.suse.com/security/cve/CVE-2019-3828", }, { category: "external", summary: "SUSE Bug 1126503 for CVE-2019-3828", url: "https://bugzilla.suse.com/1126503", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2019-3828", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3828", }, { cve: "CVE-2020-10684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10684", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10684", url: "https://www.suse.com/security/cve/CVE-2020-10684", }, { category: "external", summary: "SUSE Bug 1167532 for CVE-2020-10684", url: "https://bugzilla.suse.com/1167532", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2020-10684", }, { cve: "CVE-2020-10685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10685", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10685", url: "https://www.suse.com/security/cve/CVE-2020-10685", }, { category: "external", summary: "SUSE Bug 1167440 for CVE-2020-10685", url: "https://bugzilla.suse.com/1167440", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10685", }, { cve: "CVE-2020-10691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10691", }, ], notes: [ { category: "general", text: "An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10691", url: "https://www.suse.com/security/cve/CVE-2020-10691", }, { category: "external", summary: "SUSE Bug 1167873 for CVE-2020-10691", url: "https://bugzilla.suse.com/1167873", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10691", }, { cve: "CVE-2020-10729", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10729", }, ], notes: [ { category: "general", text: "A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10729", url: "https://www.suse.com/security/cve/CVE-2020-10729", }, { category: "external", summary: "SUSE Bug 1171162 for CVE-2020-10729", url: "https://bugzilla.suse.com/1171162", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10729", }, { cve: "CVE-2020-14330", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14330", }, ], notes: [ { category: "general", text: "An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14330", url: "https://www.suse.com/security/cve/CVE-2020-14330", }, { category: "external", summary: "SUSE Bug 1174145 for CVE-2020-14330", url: "https://bugzilla.suse.com/1174145", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-14330", }, { cve: "CVE-2020-14332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14332", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14332", url: "https://www.suse.com/security/cve/CVE-2020-14332", }, { category: "external", summary: "SUSE Bug 1174302 for CVE-2020-14332", url: "https://bugzilla.suse.com/1174302", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-14332", }, { cve: "CVE-2020-1733", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1733", }, ], notes: [ { category: "general", text: "A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with \"umask 77 && mkdir -p <dir>\"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1733", url: "https://www.suse.com/security/cve/CVE-2020-1733", }, { category: "external", summary: "SUSE Bug 1164140 for CVE-2020-1733", url: "https://bugzilla.suse.com/1164140", }, { category: "external", summary: "SUSE Bug 1171823 for CVE-2020-1733", url: "https://bugzilla.suse.com/1171823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1733", }, { cve: "CVE-2020-1734", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1734", }, ], notes: [ { category: "general", text: "A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1734", url: "https://www.suse.com/security/cve/CVE-2020-1734", }, { category: "external", summary: "SUSE Bug 1164139 for CVE-2020-1734", url: "https://bugzilla.suse.com/1164139", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2020-1734", }, { cve: "CVE-2020-1735", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1735", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1735", url: "https://www.suse.com/security/cve/CVE-2020-1735", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2020-1735", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1735", }, { cve: "CVE-2020-1736", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1736", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1736", url: "https://www.suse.com/security/cve/CVE-2020-1736", }, { category: "external", summary: "SUSE Bug 1164134 for CVE-2020-1736", url: "https://bugzilla.suse.com/1164134", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "low", }, ], title: "CVE-2020-1736", }, { cve: "CVE-2020-1737", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1737", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1737", url: "https://www.suse.com/security/cve/CVE-2020-1737", }, { category: "external", summary: "SUSE Bug 1164138 for CVE-2020-1737", url: "https://bugzilla.suse.com/1164138", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2020-1737", }, { cve: "CVE-2020-1738", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1738", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1738", url: "https://www.suse.com/security/cve/CVE-2020-1738", }, { category: "external", summary: "SUSE Bug 1164136 for CVE-2020-1738", url: "https://bugzilla.suse.com/1164136", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1738", }, { cve: "CVE-2020-1739", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1739", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1739", url: "https://www.suse.com/security/cve/CVE-2020-1739", }, { category: "external", summary: "SUSE Bug 1164133 for CVE-2020-1739", url: "https://bugzilla.suse.com/1164133", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1739", }, { cve: "CVE-2020-1740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1740", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes \"ansible-vault edit\", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1740", url: "https://www.suse.com/security/cve/CVE-2020-1740", }, { category: "external", summary: "SUSE Bug 1164135 for CVE-2020-1740", url: "https://bugzilla.suse.com/1164135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "low", }, ], title: "CVE-2020-1740", }, { cve: "CVE-2020-1744", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1744", }, ], notes: [ { category: "general", text: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1744", url: "https://www.suse.com/security/cve/CVE-2020-1744", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1744", }, { cve: "CVE-2020-1746", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1746", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1746", url: "https://www.suse.com/security/cve/CVE-2020-1746", }, { category: "external", summary: "SUSE Bug 1165393 for CVE-2020-1746", url: "https://bugzilla.suse.com/1165393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1746", }, { cve: "CVE-2020-1753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1753", }, ], notes: [ { category: "general", text: "A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1753", url: "https://www.suse.com/security/cve/CVE-2020-1753", }, { category: "external", summary: "SUSE Bug 1166389 for CVE-2020-1753", url: "https://bugzilla.suse.com/1166389", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1753", }, { cve: "CVE-2021-20178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20178", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20178", url: "https://www.suse.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "SUSE Bug 1180816 for CVE-2021-20178", url: "https://bugzilla.suse.com/1180816", }, { category: "external", summary: "SUSE Bug 1186493 for CVE-2021-20178", url: "https://bugzilla.suse.com/1186493", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20178", }, { cve: "CVE-2021-20180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20180", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20180", url: "https://www.suse.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "SUSE Bug 1180942 for CVE-2021-20180", url: "https://bugzilla.suse.com/1180942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20180", }, { cve: "CVE-2021-20191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20191", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20191", url: "https://www.suse.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "SUSE Bug 1181119 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181119", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20191", }, { cve: "CVE-2021-20228", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20228", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20228", url: "https://www.suse.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20228", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20228", }, { cve: "CVE-2021-3583", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3583", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3583", url: "https://www.suse.com/security/cve/CVE-2021-3583", }, { category: "external", summary: "SUSE Bug 1188061 for CVE-2021-3583", url: "https://bugzilla.suse.com/1188061", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-3583", }, ], }
opensuse-su-2024:14536-1
Vulnerability from csaf_opensuse
Published
2024-12-02 00:00
Modified
2024-12-02 00:00
Summary
ansible-10-10.6.0-1.1 on GA media
Notes
Title of the patch
ansible-10-10.6.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the ansible-10-10.6.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14536
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "ansible-10-10.6.0-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the ansible-10-10.6.0-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-14536", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14536-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2024:14536-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7LWEIR2LXW4QRWCY6HDMLUO2OTX5OZIC/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2024:14536-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7LWEIR2LXW4QRWCY6HDMLUO2OTX5OZIC/", }, { category: "self", summary: "SUSE CVE CVE-2014-4966 page", url: "https://www.suse.com/security/cve/CVE-2014-4966/", }, { category: "self", summary: "SUSE CVE CVE-2014-4967 page", url: "https://www.suse.com/security/cve/CVE-2014-4967/", }, { category: "self", summary: "SUSE CVE CVE-2015-3908 page", url: "https://www.suse.com/security/cve/CVE-2015-3908/", }, { category: "self", summary: "SUSE CVE CVE-2016-3096 page", url: "https://www.suse.com/security/cve/CVE-2016-3096/", }, { category: "self", summary: "SUSE CVE CVE-2016-9587 page", url: "https://www.suse.com/security/cve/CVE-2016-9587/", }, { category: "self", summary: "SUSE CVE CVE-2017-7466 page", url: "https://www.suse.com/security/cve/CVE-2017-7466/", }, { category: "self", summary: "SUSE CVE CVE-2017-7481 page", url: "https://www.suse.com/security/cve/CVE-2017-7481/", }, { category: "self", summary: "SUSE CVE CVE-2017-7550 page", url: "https://www.suse.com/security/cve/CVE-2017-7550/", }, { category: "self", summary: "SUSE CVE CVE-2018-10855 page", url: "https://www.suse.com/security/cve/CVE-2018-10855/", }, { category: "self", summary: "SUSE CVE CVE-2018-10875 page", url: "https://www.suse.com/security/cve/CVE-2018-10875/", }, { category: "self", summary: "SUSE CVE CVE-2018-16837 page", url: "https://www.suse.com/security/cve/CVE-2018-16837/", }, { category: "self", summary: "SUSE CVE CVE-2018-16859 page", url: "https://www.suse.com/security/cve/CVE-2018-16859/", }, { category: "self", summary: "SUSE CVE CVE-2018-16876 page", url: "https://www.suse.com/security/cve/CVE-2018-16876/", }, { category: "self", summary: "SUSE CVE CVE-2019-10156 page", url: "https://www.suse.com/security/cve/CVE-2019-10156/", }, { category: "self", summary: "SUSE CVE CVE-2019-10206 page", url: "https://www.suse.com/security/cve/CVE-2019-10206/", }, { category: "self", summary: "SUSE CVE CVE-2019-10217 page", url: "https://www.suse.com/security/cve/CVE-2019-10217/", }, { category: "self", summary: "SUSE CVE CVE-2019-14846 page", url: "https://www.suse.com/security/cve/CVE-2019-14846/", }, { category: "self", summary: "SUSE CVE CVE-2019-14856 page", url: "https://www.suse.com/security/cve/CVE-2019-14856/", }, { category: "self", summary: "SUSE CVE CVE-2019-14858 page", url: "https://www.suse.com/security/cve/CVE-2019-14858/", }, { category: "self", summary: "SUSE CVE CVE-2019-14864 page", url: "https://www.suse.com/security/cve/CVE-2019-14864/", }, { category: "self", summary: "SUSE CVE CVE-2019-14904 page", url: "https://www.suse.com/security/cve/CVE-2019-14904/", }, { category: "self", summary: "SUSE CVE CVE-2019-14905 page", url: "https://www.suse.com/security/cve/CVE-2019-14905/", }, { category: "self", summary: "SUSE CVE CVE-2019-3828 page", url: "https://www.suse.com/security/cve/CVE-2019-3828/", }, { category: "self", summary: "SUSE CVE CVE-2020-10684 page", url: "https://www.suse.com/security/cve/CVE-2020-10684/", }, { category: "self", summary: "SUSE CVE CVE-2020-10685 page", url: "https://www.suse.com/security/cve/CVE-2020-10685/", }, { category: "self", summary: "SUSE CVE CVE-2020-10691 page", url: "https://www.suse.com/security/cve/CVE-2020-10691/", }, { category: "self", summary: "SUSE CVE CVE-2020-10729 page", url: "https://www.suse.com/security/cve/CVE-2020-10729/", }, { category: "self", summary: "SUSE CVE CVE-2020-14330 page", url: "https://www.suse.com/security/cve/CVE-2020-14330/", }, { category: "self", summary: "SUSE CVE CVE-2020-14332 page", url: "https://www.suse.com/security/cve/CVE-2020-14332/", }, { category: "self", summary: "SUSE CVE CVE-2020-1733 page", url: "https://www.suse.com/security/cve/CVE-2020-1733/", }, { category: "self", summary: "SUSE CVE CVE-2020-1734 page", url: "https://www.suse.com/security/cve/CVE-2020-1734/", }, { category: "self", summary: "SUSE CVE CVE-2020-1735 page", url: "https://www.suse.com/security/cve/CVE-2020-1735/", }, { category: "self", summary: "SUSE CVE CVE-2020-1736 page", url: "https://www.suse.com/security/cve/CVE-2020-1736/", }, { category: "self", summary: "SUSE CVE CVE-2020-1737 page", url: "https://www.suse.com/security/cve/CVE-2020-1737/", }, { category: "self", summary: "SUSE CVE CVE-2020-1738 page", url: "https://www.suse.com/security/cve/CVE-2020-1738/", }, { category: "self", summary: "SUSE CVE CVE-2020-1739 page", url: "https://www.suse.com/security/cve/CVE-2020-1739/", }, { category: "self", summary: "SUSE CVE CVE-2020-1740 page", url: "https://www.suse.com/security/cve/CVE-2020-1740/", }, { category: "self", summary: "SUSE CVE CVE-2020-1744 page", url: "https://www.suse.com/security/cve/CVE-2020-1744/", }, { category: "self", summary: "SUSE CVE CVE-2020-1746 page", url: "https://www.suse.com/security/cve/CVE-2020-1746/", }, { category: "self", summary: "SUSE CVE CVE-2020-1753 page", url: "https://www.suse.com/security/cve/CVE-2020-1753/", }, { category: "self", summary: "SUSE CVE CVE-2021-20178 page", url: "https://www.suse.com/security/cve/CVE-2021-20178/", }, { category: "self", summary: "SUSE CVE CVE-2021-20180 page", url: "https://www.suse.com/security/cve/CVE-2021-20180/", }, { category: "self", summary: "SUSE CVE CVE-2021-20191 page", url: "https://www.suse.com/security/cve/CVE-2021-20191/", }, { category: "self", summary: "SUSE CVE CVE-2021-20228 page", url: "https://www.suse.com/security/cve/CVE-2021-20228/", }, { category: "self", summary: "SUSE CVE CVE-2021-3583 page", url: "https://www.suse.com/security/cve/CVE-2021-3583/", }, ], title: "ansible-10-10.6.0-1.1 on GA media", tracking: { current_release_date: "2024-12-02T00:00:00Z", generator: { date: "2024-12-02T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:14536-1", initial_release_date: "2024-12-02T00:00:00Z", revision_history: [ { date: "2024-12-02T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "ansible-10-10.6.0-1.1.aarch64", product: { name: "ansible-10-10.6.0-1.1.aarch64", product_id: "ansible-10-10.6.0-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ansible-10-10.6.0-1.1.ppc64le", product: { name: "ansible-10-10.6.0-1.1.ppc64le", product_id: "ansible-10-10.6.0-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ansible-10-10.6.0-1.1.s390x", product: { name: "ansible-10-10.6.0-1.1.s390x", product_id: "ansible-10-10.6.0-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ansible-10-10.6.0-1.1.x86_64", product: { name: "ansible-10-10.6.0-1.1.x86_64", product_id: "ansible-10-10.6.0-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-10-10.6.0-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", }, product_reference: "ansible-10-10.6.0-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-10-10.6.0-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", }, product_reference: "ansible-10-10.6.0-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-10-10.6.0-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", }, product_reference: "ansible-10-10.6.0-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-10-10.6.0-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", }, product_reference: "ansible-10-10.6.0-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2014-4966", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-4966", }, ], notes: [ { category: "general", text: "Ansible before 1.6.7 does not prevent inventory data with \"{{\" and \"lookup\" substrings, and does not prevent remote data with \"{{\" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-4966", url: "https://www.suse.com/security/cve/CVE-2014-4966", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-4966", }, { cve: "CVE-2014-4967", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-4967", }, ], notes: [ { category: "general", text: "Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as demonstrated by a fact with (1) a trailing \" src=\" clause, (2) a trailing \" temp=\" clause, or (3) a trailing \" validate=\" clause accompanied by a shell command.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-4967", url: "https://www.suse.com/security/cve/CVE-2014-4967", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-4967", }, { cve: "CVE-2015-3908", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3908", }, ], notes: [ { category: "general", text: "Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3908", url: "https://www.suse.com/security/cve/CVE-2015-3908", }, { category: "external", summary: "SUSE Bug 938161 for CVE-2015-3908", url: "https://bugzilla.suse.com/938161", }, { category: "external", summary: "SUSE Bug 938399 for CVE-2015-3908", url: "https://bugzilla.suse.com/938399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2015-3908", }, { cve: "CVE-2016-3096", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-3096", }, ], notes: [ { category: "general", text: "The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-3096", url: "https://www.suse.com/security/cve/CVE-2016-3096", }, { category: "external", summary: "SUSE Bug 973546 for CVE-2016-3096", url: "https://bugzilla.suse.com/973546", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2016-3096", }, { cve: "CVE-2016-9587", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-9587", }, ], notes: [ { category: "general", text: "Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-9587", url: "https://www.suse.com/security/cve/CVE-2016-9587", }, { category: "external", summary: "SUSE Bug 1019021 for CVE-2016-9587", url: "https://bugzilla.suse.com/1019021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2016-9587", }, { cve: "CVE-2017-7466", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7466", }, ], notes: [ { category: "general", text: "Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7466", url: "https://www.suse.com/security/cve/CVE-2017-7466", }, { category: "external", summary: "SUSE Bug 1019021 for CVE-2017-7466", url: "https://bugzilla.suse.com/1019021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2017-7466", }, { cve: "CVE-2017-7481", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7481", }, ], notes: [ { category: "general", text: "Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7481", url: "https://www.suse.com/security/cve/CVE-2017-7481", }, { category: "external", summary: "SUSE Bug 1038785 for CVE-2017-7481", url: "https://bugzilla.suse.com/1038785", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-7481", }, { cve: "CVE-2017-7550", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7550", }, ], notes: [ { category: "general", text: "A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the \"params\" argument, and noting this in the module documentation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7550", url: "https://www.suse.com/security/cve/CVE-2017-7550", }, { category: "external", summary: "SUSE Bug 1035124 for CVE-2017-7550", url: "https://bugzilla.suse.com/1035124", }, { category: "external", summary: "SUSE Bug 1065872 for CVE-2017-7550", url: "https://bugzilla.suse.com/1065872", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2017-7550", }, { cve: "CVE-2018-10855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10855", }, ], notes: [ { category: "general", text: "Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10855", url: "https://www.suse.com/security/cve/CVE-2018-10855", }, { category: "external", summary: "SUSE Bug 1097775 for CVE-2018-10855", url: "https://bugzilla.suse.com/1097775", }, { category: "external", summary: "SUSE Bug 1099808 for CVE-2018-10855", url: "https://bugzilla.suse.com/1099808", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-10855", url: "https://bugzilla.suse.com/1109957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-10855", }, { cve: "CVE-2018-10875", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10875", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10875", url: "https://www.suse.com/security/cve/CVE-2018-10875", }, { category: "external", summary: "SUSE Bug 1099808 for CVE-2018-10875", url: "https://bugzilla.suse.com/1099808", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-10875", url: "https://bugzilla.suse.com/1109957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2018-10875", }, { cve: "CVE-2018-16837", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16837", }, ], notes: [ { category: "general", text: "Ansible \"User\" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16837", url: "https://www.suse.com/security/cve/CVE-2018-16837", }, { category: "external", summary: "SUSE Bug 1112959 for CVE-2018-16837", url: "https://bugzilla.suse.com/1112959", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2018-16837", }, { cve: "CVE-2018-16859", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16859", }, ], notes: [ { category: "general", text: "Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16859", url: "https://www.suse.com/security/cve/CVE-2018-16859", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-16859", url: "https://bugzilla.suse.com/1109957", }, { category: "external", summary: "SUSE Bug 1116587 for CVE-2018-16859", url: "https://bugzilla.suse.com/1116587", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-16859", }, { cve: "CVE-2018-16876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16876", }, ], notes: [ { category: "general", text: "ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16876", url: "https://www.suse.com/security/cve/CVE-2018-16876", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-16876", url: "https://bugzilla.suse.com/1109957", }, { category: "external", summary: "SUSE Bug 1118896 for CVE-2018-16876", url: "https://bugzilla.suse.com/1118896", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "low", }, ], title: "CVE-2018-16876", }, { cve: "CVE-2019-10156", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10156", }, ], notes: [ { category: "general", text: "A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10156", url: "https://www.suse.com/security/cve/CVE-2019-10156", }, { category: "external", summary: "SUSE Bug 1137528 for CVE-2019-10156", url: "https://bugzilla.suse.com/1137528", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10156", }, { cve: "CVE-2019-10206", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10206", }, ], notes: [ { category: "general", text: "ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10206", url: "https://www.suse.com/security/cve/CVE-2019-10206", }, { category: "external", summary: "SUSE Bug 1142690 for CVE-2019-10206", url: "https://bugzilla.suse.com/1142690", }, { category: "external", summary: "SUSE Bug 1154232 for CVE-2019-10206", url: "https://bugzilla.suse.com/1154232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10206", }, { cve: "CVE-2019-10217", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10217", }, ], notes: [ { category: "general", text: "A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10217", url: "https://www.suse.com/security/cve/CVE-2019-10217", }, { category: "external", summary: "SUSE Bug 1144453 for CVE-2019-10217", url: "https://bugzilla.suse.com/1144453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10217", }, { cve: "CVE-2019-14846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14846", }, ], notes: [ { category: "general", text: "In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14846", url: "https://www.suse.com/security/cve/CVE-2019-14846", }, { category: "external", summary: "SUSE Bug 1153452 for CVE-2019-14846", url: "https://bugzilla.suse.com/1153452", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "low", }, ], title: "CVE-2019-14846", }, { cve: "CVE-2019-14856", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14856", }, ], notes: [ { category: "general", text: "ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14856", url: "https://www.suse.com/security/cve/CVE-2019-14856", }, { category: "external", summary: "SUSE Bug 1154232 for CVE-2019-14856", url: "https://bugzilla.suse.com/1154232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "low", }, ], title: "CVE-2019-14856", }, { cve: "CVE-2019-14858", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14858", }, ], notes: [ { category: "general", text: "A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14858", url: "https://www.suse.com/security/cve/CVE-2019-14858", }, { category: "external", summary: "SUSE Bug 1154231 for CVE-2019-14858", url: "https://bugzilla.suse.com/1154231", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "low", }, ], title: "CVE-2019-14858", }, { cve: "CVE-2019-14864", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14864", }, ], notes: [ { category: "general", text: "Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14864", url: "https://www.suse.com/security/cve/CVE-2019-14864", }, { category: "external", summary: "SUSE Bug 1154830 for CVE-2019-14864", url: "https://bugzilla.suse.com/1154830", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-14864", }, { cve: "CVE-2019-14904", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14904", }, ], notes: [ { category: "general", text: "A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14904", url: "https://www.suse.com/security/cve/CVE-2019-14904", }, { category: "external", summary: "SUSE Bug 1157968 for CVE-2019-14904", url: "https://bugzilla.suse.com/1157968", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2019-14904", }, { cve: "CVE-2019-14905", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14905", }, ], notes: [ { category: "general", text: "A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14905", url: "https://www.suse.com/security/cve/CVE-2019-14905", }, { category: "external", summary: "SUSE Bug 1157969 for CVE-2019-14905", url: "https://bugzilla.suse.com/1157969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2019-14905", }, { cve: "CVE-2019-3828", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3828", }, ], notes: [ { category: "general", text: "Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3828", url: "https://www.suse.com/security/cve/CVE-2019-3828", }, { category: "external", summary: "SUSE Bug 1126503 for CVE-2019-3828", url: "https://bugzilla.suse.com/1126503", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2019-3828", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3828", }, { cve: "CVE-2020-10684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10684", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10684", url: "https://www.suse.com/security/cve/CVE-2020-10684", }, { category: "external", summary: "SUSE Bug 1167532 for CVE-2020-10684", url: "https://bugzilla.suse.com/1167532", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2020-10684", }, { cve: "CVE-2020-10685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10685", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10685", url: "https://www.suse.com/security/cve/CVE-2020-10685", }, { category: "external", summary: "SUSE Bug 1167440 for CVE-2020-10685", url: "https://bugzilla.suse.com/1167440", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10685", }, { cve: "CVE-2020-10691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10691", }, ], notes: [ { category: "general", text: "An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10691", url: "https://www.suse.com/security/cve/CVE-2020-10691", }, { category: "external", summary: "SUSE Bug 1167873 for CVE-2020-10691", url: "https://bugzilla.suse.com/1167873", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10691", }, { cve: "CVE-2020-10729", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10729", }, ], notes: [ { category: "general", text: "A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10729", url: "https://www.suse.com/security/cve/CVE-2020-10729", }, { category: "external", summary: "SUSE Bug 1171162 for CVE-2020-10729", url: "https://bugzilla.suse.com/1171162", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10729", }, { cve: "CVE-2020-14330", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14330", }, ], notes: [ { category: "general", text: "An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14330", url: "https://www.suse.com/security/cve/CVE-2020-14330", }, { category: "external", summary: "SUSE Bug 1174145 for CVE-2020-14330", url: "https://bugzilla.suse.com/1174145", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-14330", }, { cve: "CVE-2020-14332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14332", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14332", url: "https://www.suse.com/security/cve/CVE-2020-14332", }, { category: "external", summary: "SUSE Bug 1174302 for CVE-2020-14332", url: "https://bugzilla.suse.com/1174302", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-14332", }, { cve: "CVE-2020-1733", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1733", }, ], notes: [ { category: "general", text: "A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with \"umask 77 && mkdir -p <dir>\"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1733", url: "https://www.suse.com/security/cve/CVE-2020-1733", }, { category: "external", summary: "SUSE Bug 1164140 for CVE-2020-1733", url: "https://bugzilla.suse.com/1164140", }, { category: "external", summary: "SUSE Bug 1171823 for CVE-2020-1733", url: "https://bugzilla.suse.com/1171823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1733", }, { cve: "CVE-2020-1734", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1734", }, ], notes: [ { category: "general", text: "A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1734", url: "https://www.suse.com/security/cve/CVE-2020-1734", }, { category: "external", summary: "SUSE Bug 1164139 for CVE-2020-1734", url: "https://bugzilla.suse.com/1164139", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2020-1734", }, { cve: "CVE-2020-1735", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1735", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1735", url: "https://www.suse.com/security/cve/CVE-2020-1735", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2020-1735", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1735", }, { cve: "CVE-2020-1736", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1736", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1736", url: "https://www.suse.com/security/cve/CVE-2020-1736", }, { category: "external", summary: "SUSE Bug 1164134 for CVE-2020-1736", url: "https://bugzilla.suse.com/1164134", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "low", }, ], title: "CVE-2020-1736", }, { cve: "CVE-2020-1737", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1737", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1737", url: "https://www.suse.com/security/cve/CVE-2020-1737", }, { category: "external", summary: "SUSE Bug 1164138 for CVE-2020-1737", url: "https://bugzilla.suse.com/1164138", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2020-1737", }, { cve: "CVE-2020-1738", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1738", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1738", url: "https://www.suse.com/security/cve/CVE-2020-1738", }, { category: "external", summary: "SUSE Bug 1164136 for CVE-2020-1738", url: "https://bugzilla.suse.com/1164136", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1738", }, { cve: "CVE-2020-1739", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1739", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1739", url: "https://www.suse.com/security/cve/CVE-2020-1739", }, { category: "external", summary: "SUSE Bug 1164133 for CVE-2020-1739", url: "https://bugzilla.suse.com/1164133", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1739", }, { cve: "CVE-2020-1740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1740", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes \"ansible-vault edit\", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1740", url: "https://www.suse.com/security/cve/CVE-2020-1740", }, { category: "external", summary: "SUSE Bug 1164135 for CVE-2020-1740", url: "https://bugzilla.suse.com/1164135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "low", }, ], title: "CVE-2020-1740", }, { cve: "CVE-2020-1744", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1744", }, ], notes: [ { category: "general", text: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1744", url: "https://www.suse.com/security/cve/CVE-2020-1744", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1744", }, { cve: "CVE-2020-1746", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1746", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1746", url: "https://www.suse.com/security/cve/CVE-2020-1746", }, { category: "external", summary: "SUSE Bug 1165393 for CVE-2020-1746", url: "https://bugzilla.suse.com/1165393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1746", }, { cve: "CVE-2020-1753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1753", }, ], notes: [ { category: "general", text: "A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1753", url: "https://www.suse.com/security/cve/CVE-2020-1753", }, { category: "external", summary: "SUSE Bug 1166389 for CVE-2020-1753", url: "https://bugzilla.suse.com/1166389", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1753", }, { cve: "CVE-2021-20178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20178", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20178", url: "https://www.suse.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "SUSE Bug 1180816 for CVE-2021-20178", url: "https://bugzilla.suse.com/1180816", }, { category: "external", summary: "SUSE Bug 1186493 for CVE-2021-20178", url: "https://bugzilla.suse.com/1186493", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20178", }, { cve: "CVE-2021-20180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20180", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20180", url: "https://www.suse.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "SUSE Bug 1180942 for CVE-2021-20180", url: "https://bugzilla.suse.com/1180942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20180", }, { cve: "CVE-2021-20191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20191", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20191", url: "https://www.suse.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "SUSE Bug 1181119 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181119", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20191", }, { cve: "CVE-2021-20228", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20228", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20228", url: "https://www.suse.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20228", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20228", }, { cve: "CVE-2021-3583", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3583", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3583", url: "https://www.suse.com/security/cve/CVE-2021-3583", }, { category: "external", summary: "SUSE Bug 1188061 for CVE-2021-3583", url: "https://bugzilla.suse.com/1188061", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-3583", }, ], }
gsd-2020-1744
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.
Aliases
Aliases
{ GSD: { alias: "CVE-2020-1744", description: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", id: "GSD-2020-1744", references: [ "https://www.suse.com/security/cve/CVE-2020-1744.html", "https://access.redhat.com/errata/RHSA-2020:2905", "https://access.redhat.com/errata/RHSA-2020:2252", "https://access.redhat.com/errata/RHSA-2020:0951", "https://access.redhat.com/errata/RHSA-2020:0947", "https://access.redhat.com/errata/RHSA-2020:0946", "https://access.redhat.com/errata/RHSA-2020:0945", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2020-1744", ], details: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", id: "GSD-2020-1744", modified: "2023-12-13T01:21:57.817178Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-1744", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "keycloak", version: { version_data: [ { version_value: "all keycloak versions prior to 9.0.1", }, ], }, }, ], }, vendor_name: "Red Hat", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", }, ], }, impact: { cvss: [ [ { vectorString: "5.6/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-755", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744", }, { name: "https://access.redhat.com/security/cve/CVE-2020-1744", refsource: "CONFIRM", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, ], }, }, "gitlab.com": { advisories: [ { affected_range: "(,9.0.1)", affected_versions: "All versions before 9.0.1", cvss_v2: "AV:N/AC:M/Au:N/C:P/I:P/A:P", cvss_v3: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", cwe_ids: [ "CWE-1035", "CWE-755", "CWE-937", ], date: "2021-09-20", description: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", fixed_versions: [ "9.0.1", ], identifier: "CVE-2020-1744", identifiers: [ "GHSA-4gf2-xv97-63m2", "CVE-2020-1744", ], not_impacted: "All versions starting from 9.0.1", package_slug: "maven/org.keycloak/keycloak-core", pubdate: "2021-09-20", solution: "Upgrade to version 9.0.1 or above.", title: "Improper Handling of Exceptional Conditions", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", "https://access.redhat.com/security/cve/CVE-2020-1744", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744", "https://github.com/advisories/GHSA-4gf2-xv97-63m2", ], uuid: "8b12ad8e-744c-45da-ab68-7a33a1a6c69e", }, { affected_range: "(,9.0.1)", affected_versions: "All versions before 9.0.1", cvss_v2: "AV:N/AC:M/Au:N/C:P/I:P/A:P", cvss_v3: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", cwe_ids: [ "CWE-1035", "CWE-200", "CWE-937", ], date: "2021-09-14", description: "When configuring a Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So `BruteForceProtector` does not handle these events.", fixed_versions: [ "9.0.2", ], identifier: "CVE-2020-1744", identifiers: [ "CVE-2020-1744", ], not_impacted: "All versions starting from 9.0.1", package_slug: "maven/org.keycloak/keycloak-services", pubdate: "2020-03-24", solution: "Upgrade to version 9.0.2 or above.", title: "Information Exposure", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", "https://access.redhat.com/security/cve/CVE-2020-1744", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744", ], uuid: "6ff5c428-2c72-4256-b5b4-494f8906d7ba", }, { affected_range: "<9.0.1", affected_versions: "All versions before 9.0.1", cvss_v2: "AV:N/AC:M/Au:N/C:P/I:P/A:P", cvss_v3: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", cwe_ids: [ "CWE-1035", "CWE-200", "CWE-937", ], date: "2021-09-14", description: "A flaw was found in keycloak. When configuring a conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So `BruteForceProtector` does not handle these events.", fixed_versions: [ "9.0.2", ], identifier: "CVE-2020-1744", identifiers: [ "CVE-2020-1744", ], not_impacted: "All versions starting from 9.0.1", package_slug: "npm/keycloak-connect", pubdate: "2020-03-24", solution: "Upgrade to version 9.0.2 or above.", title: "Information Exposure", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", "https://access.redhat.com/security/cve/CVE-2020-1744", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744", ], uuid: "06238499-11f5-4ddd-ba7c-14990ff10226", }, ], }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "9.0.1", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-1744", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-755", }, ], }, ], }, references: { reference_data: [ { name: "https://access.redhat.com/security/cve/CVE-2020-1744", refsource: "CONFIRM", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744", refsource: "CONFIRM", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.4, }, }, lastModifiedDate: "2022-11-16T03:13Z", publishedDate: "2020-03-24T14:15Z", }, }, }
ghsa-4gf2-xv97-63m2
Vulnerability from github
Published
2021-09-20 20:43
Modified
2021-09-16 18:21
Severity ?
Summary
Exposure of Sensitive Information in keycloak
Details
A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.
{ affected: [ { package: { ecosystem: "Maven", name: "org.keycloak:keycloak-core", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "9.0.1", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2020-1744", ], database_specific: { cwe_ids: [ "CWE-200", "CWE-755", ], github_reviewed: true, github_reviewed_at: "2021-09-16T18:21:59Z", nvd_published_at: "2020-03-24T14:15:00Z", severity: "MODERATE", }, details: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", id: "GHSA-4gf2-xv97-63m2", modified: "2021-09-16T18:21:59Z", published: "2021-09-20T20:43:24Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1744", }, { type: "WEB", url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744", }, { type: "PACKAGE", url: "https://github.com/keycloak/keycloak", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", type: "CVSS_V3", }, ], summary: "Exposure of Sensitive Information in keycloak", }
fkie_cve-2020-1744
Vulnerability from fkie_nvd
Published
2020-03-24 14:15
Modified
2024-11-21 05:11
Severity ?
5.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
5.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
5.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Summary
A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2020-1744 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2020-1744 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744 | Issue Tracking, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*", matchCriteriaId: "23787EE3-4659-4D20-8473-C7237168FDB9", versionEndExcluding: "9.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", }, { lang: "es", value: "Se descubrió un fallo en keycloak versiones anteriores a la versión 9.0.1. Cuando se configura un Conditional OTP Authentication Flow como un flujo posterior al inicio de sesión de un IDP, los eventos de inicio de sesión fallidos para OTP no son enviados hacia la cola de eventos de protección de fuerza bruta. Entonces BruteForceProtector no maneja estos eventos.", }, ], id: "CVE-2020-1744", lastModified: "2024-11-21T05:11:17.480", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.4, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-24T14:15:13.293", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2020-1744", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1744", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-755", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
wid-sec-w-2024-3589
Vulnerability from csaf_certbund
Published
2020-03-23 23:00
Modified
2024-12-03 23:00
Summary
Red Hat Single Sign On: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Single Sign-On ist ein eigenständiger Server, basierend auf dem Keycloak Projekt.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat Single Sign On ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat Single Sign-On ist ein eigenständiger Server, basierend auf dem Keycloak Projekt.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat Single Sign On ausnutzen, um Sicherheitsvorkehrungen zu umgehen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-3589 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2024-3589.json", }, { category: "self", summary: "WID-SEC-2024-3589 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3589", }, { category: "external", summary: "RedHat Security Advisory vom 2020-03-23", url: "https://access.redhat.com/errata/RHSA-2020:0945", }, { category: "external", summary: "RedHat Security Advisory vom 2020-03-23", url: "https://access.redhat.com/errata/RHSA-2020:0946", }, { category: "external", summary: "RedHat Security Advisory vom 2020-03-23", url: "https://access.redhat.com/errata/RHSA-2020:0947", }, { category: "external", summary: "RedHat Security Advisory vom 2020-03-23", url: "https://access.redhat.com/errata/RHSA-2020:0951", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2020:2252 vom 2020-06-01", url: "https://access.redhat.com/errata/RHSA-2020:2252", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2020:2905 vom 2020-07-23", url: "https://access.redhat.com/errata/RHSA-2020:2905", }, { category: "external", summary: "openSUSE Security Update OPENSUSE-SU-2024:14536-1 vom 2024-12-03", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7LWEIR2LXW4QRWCY6HDMLUO2OTX5OZIC/", }, ], source_lang: "en-US", title: "Red Hat Single Sign On: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen", tracking: { current_release_date: "2024-12-03T23:00:00.000+00:00", generator: { date: "2024-12-04T11:20:41.124+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-3589", initial_release_date: "2020-03-23T23:00:00.000+00:00", revision_history: [ { date: "2020-03-23T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2020-06-01T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2020-07-22T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-03T23:00:00.000+00:00", number: "4", summary: "Neue Updates von openSUSE aufgenommen", }, ], status: "final", version: "4", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, { branches: [ { category: "product_version_range", name: "<7.3.7", product: { name: "Red Hat Single Sign On <7.3.7", product_id: "T016157", }, }, { category: "product_version", name: "7.3.7", product: { name: "Red Hat Single Sign On 7.3.7", product_id: "T016157-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:single_sign_on:7.3.7", }, }, }, ], category: "product_name", name: "Single Sign On", }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE openSUSE", product: { name: "SUSE openSUSE", product_id: "T027843", product_identification_helper: { cpe: "cpe:/o:suse:opensuse:-", }, }, }, ], category: "vendor", name: "SUSE", }, ], }, vulnerabilities: [ { cve: "CVE-2020-1744", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in Red Hat Single Sign On in keycloak. Ein fehlgeschlagenes Login wird nicht an BruteForceProtector gesendet, wenn Post Login Flow mit Conditional-OTP verwendet wird. Ein entfernter anonymer Angreifer kann diese Schwachstelle ausnutzen, um den BruteForce Schutz zu umgehen.", }, ], product_status: { known_affected: [ "67646", "T027843", "T016157", ], }, release_date: "2020-03-23T23:00:00.000+00:00", title: "CVE-2020-1744", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.