rhba-2020_1494
Vulnerability from csaf_redhat
Published
2020-04-16 19:46
Modified
2024-11-05 15:56
Summary
Red Hat Bug Fix Advisory: Satellite 6.6.3 Async Bug Fix Update
Notes
Topic
Updated Satellite 6.6 packages that fix several bugs are now available for Red Hat Satellite.
Details
Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.
This update fixes the following bugs:
* New version of the plugin is available: 0.9.4 (BZ#1812592)
* [RFE] Handle host-related tasks in separate queue to avoid conflicts with user-related actions (BZ#1814424)
* convert_string_to_bool doesn't deal with array type (BZ#1814425)
* Publishing a new version of Content view is slow and taking huge time in Satellite 6.6. (BZ#1814426)
* drpms not getting copied over cv publish (BZ#1814427)
* file repo deletion is slow (BZ#1814428)
* Unable to enable the tools repository for Satellite 6.6. (BZ#1818940)
* satellite-installer --enable-foreman-plugin-inventory-upload still attempts to install old inventory package (BZ#1819911)
Users of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated Satellite 6.6 packages that fix several bugs are now available for Red Hat Satellite.", "title": "Topic" }, { "category": "general", "text": "Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.\n\nThis update fixes the following bugs:\n\n* New version of the plugin is available: 0.9.4 (BZ#1812592)\n* [RFE] Handle host-related tasks in separate queue to avoid conflicts with user-related actions (BZ#1814424)\n* convert_string_to_bool doesn\u0027t deal with array type (BZ#1814425)\n* Publishing a new version of Content view is slow and taking huge time in Satellite 6.6. (BZ#1814426)\n* drpms not getting copied over cv publish (BZ#1814427)\n* file repo deletion is slow (BZ#1814428)\n* Unable to enable the tools repository for Satellite 6.6. (BZ#1818940)\n* satellite-installer --enable-foreman-plugin-inventory-upload still attempts to install old inventory package (BZ#1819911)\n\nUsers of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHBA-2020:1494", "url": "https://access.redhat.com/errata/RHBA-2020:1494" }, { "category": "external", "summary": "1812592", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812592" }, { "category": "external", "summary": "1814424", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1814424" }, { "category": "external", "summary": "1814425", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1814425" }, { "category": "external", "summary": "1814426", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1814426" }, { "category": "external", "summary": "1814427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1814427" }, { "category": "external", "summary": "1814428", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1814428" }, { "category": "external", "summary": "1818940", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818940" }, { "category": "external", "summary": "1819911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819911" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_1494.json" } ], "title": "Red Hat Bug Fix Advisory: Satellite 6.6.3 Async Bug Fix Update", "tracking": { "current_release_date": "2024-11-05T15:56:17+00:00", "generator": { "date": "2024-11-05T15:56:17+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHBA-2020:1494", "initial_release_date": "2020-04-16T19:46:36+00:00", "revision_history": [ { "date": "2020-04-16T19:46:36+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-04-16T19:46:36+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T15:56:17+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 6.6", "product": { "name": "Red Hat Satellite 6.6", "product_id": "7Server-Satellite66", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite:6.6::el7" } } }, { "category": "product_name", "name": "Red Hat Satellite Capsule 6.6", "product": { "name": "Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_capsule:6.6::el7" } } } ], "category": "product_family", "name": "Red Hat Satellite 6" }, { "branches": [ { "category": "product_version", "name": "candlepin-0:2.6.16-1.el7sat.noarch", "product": { "name": "candlepin-0:2.6.16-1.el7sat.noarch", "product_id": "candlepin-0:2.6.16-1.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/candlepin@2.6.16-1.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "candlepin-selinux-0:2.6.16-1.el7sat.noarch", "product": { "name": "candlepin-selinux-0:2.6.16-1.el7sat.noarch", "product_id": "candlepin-selinux-0:2.6.16-1.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/candlepin-selinux@2.6.16-1.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-0:1.22.0.39-2.el7sat.noarch", "product": { "name": "foreman-0:1.22.0.39-2.el7sat.noarch", "product_id": "foreman-0:1.22.0.39-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@1.22.0.39-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-cli-0:1.22.0.39-2.el7sat.noarch", "product": { "name": "foreman-cli-0:1.22.0.39-2.el7sat.noarch", "product_id": "foreman-cli-0:1.22.0.39-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-cli@1.22.0.39-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-debug-0:1.22.0.39-2.el7sat.noarch", "product": { "name": "foreman-debug-0:1.22.0.39-2.el7sat.noarch", "product_id": "foreman-debug-0:1.22.0.39-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-debug@1.22.0.39-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "product": { "name": "foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "product_id": "foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ec2@1.22.0.39-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-gce-0:1.22.0.39-2.el7sat.noarch", "product": { "name": "foreman-gce-0:1.22.0.39-2.el7sat.noarch", "product_id": "foreman-gce-0:1.22.0.39-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-gce@1.22.0.39-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-journald-0:1.22.0.39-2.el7sat.noarch", "product": { "name": "foreman-journald-0:1.22.0.39-2.el7sat.noarch", "product_id": "foreman-journald-0:1.22.0.39-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-journald@1.22.0.39-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "product": { "name": "foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "product_id": "foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-libvirt@1.22.0.39-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "product": { "name": "foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "product_id": "foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-openstack@1.22.0.39-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "product": { "name": "foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "product_id": "foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ovirt@1.22.0.39-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "product": { "name": "foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "product_id": "foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-postgresql@1.22.0.39-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "product": { "name": "foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "product_id": "foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-rackspace@1.22.0.39-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "product": { "name": "foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "product_id": "foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-telemetry@1.22.0.39-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "product": { "name": "foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "product_id": "foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-vmware@1.22.0.39-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-0:6.6.3-1.el7sat.noarch", "product": { "name": "satellite-0:6.6.3-1.el7sat.noarch", "product_id": "satellite-0:6.6.3-1.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.6.3-1.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-capsule-0:6.6.3-1.el7sat.noarch", "product": { "name": "satellite-capsule-0:6.6.3-1.el7sat.noarch", "product_id": "satellite-capsule-0:6.6.3-1.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-capsule@6.6.3-1.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-cli-0:6.6.3-1.el7sat.noarch", "product": { "name": "satellite-cli-0:6.6.3-1.el7sat.noarch", "product_id": "satellite-cli-0:6.6.3-1.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-cli@6.6.3-1.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-common-0:6.6.3-1.el7sat.noarch", "product": { "name": "satellite-common-0:6.6.3-1.el7sat.noarch", "product_id": "satellite-common-0:6.6.3-1.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-common@6.6.3-1.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "product": { "name": "satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "product_id": "satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-debug-tools@6.6.3-1.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "product": { "name": "tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "product_id": "tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tfm-rubygem-fog-ovirt@1.2.3-1.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "product": { "name": "tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "product_id": "tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tfm-rubygem-foreman_rh_cloud@0.9.4.1-2.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "product": { "name": "tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "product_id": "tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tfm-rubygem-katello@3.12.0.41-1.el7sat?arch=noarch" } } }, { "category": "product_version", "name": "tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "product": { "name": "tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "product_id": "tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tfm-rubygem-runcible@2.13.0-1.el7sat?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "candlepin-0:2.6.16-1.el7sat.src", "product": { "name": "candlepin-0:2.6.16-1.el7sat.src", "product_id": "candlepin-0:2.6.16-1.el7sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/candlepin@2.6.16-1.el7sat?arch=src" } } }, { "category": "product_version", "name": "foreman-0:1.22.0.39-2.el7sat.src", "product": { "name": "foreman-0:1.22.0.39-2.el7sat.src", "product_id": "foreman-0:1.22.0.39-2.el7sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@1.22.0.39-2.el7sat?arch=src" } } }, { "category": "product_version", "name": "satellite-0:6.6.3-1.el7sat.src", "product": { "name": "satellite-0:6.6.3-1.el7sat.src", "product_id": "satellite-0:6.6.3-1.el7sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.6.3-1.el7sat?arch=src" } } }, { "category": "product_version", "name": "tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "product": { "name": "tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "product_id": "tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tfm-rubygem-fog-ovirt@1.2.3-1.el7sat?arch=src" } } }, { "category": "product_version", "name": "tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "product": { "name": "tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "product_id": "tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tfm-rubygem-foreman_rh_cloud@0.9.4.1-2.el7sat?arch=src" } } }, { "category": "product_version", "name": "tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "product": { "name": "tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "product_id": "tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tfm-rubygem-katello@3.12.0.41-1.el7sat?arch=src" } } }, { "category": "product_version", "name": "tfm-rubygem-runcible-0:2.13.0-1.el7sat.src", "product": { "name": "tfm-rubygem-runcible-0:2.13.0-1.el7sat.src", "product_id": "tfm-rubygem-runcible-0:2.13.0-1.el7sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tfm-rubygem-runcible@2.13.0-1.el7sat?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "foreman-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:1.22.0.39-2.el7sat.src as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src" }, "product_reference": "foreman-0:1.22.0.39-2.el7sat.src", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-cli-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-debug-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-gce-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-gce-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-journald-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-rackspace-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.6.3-1.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch" }, "product_reference": "satellite-0:6.6.3-1.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.6.3-1.el7sat.src as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src" }, "product_reference": "satellite-0:6.6.3-1.el7sat.src", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.6.3-1.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch" }, "product_reference": "satellite-capsule-0:6.6.3-1.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.6.3-1.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch" }, "product_reference": "satellite-cli-0:6.6.3-1.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.6.3-1.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch" }, "product_reference": "satellite-common-0:6.6.3-1.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-debug-tools-0:6.6.3-1.el7sat.noarch as a component of Red Hat Satellite Capsule 6.6", "product_id": "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch" }, "product_reference": "satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "relates_to_product_reference": "7Server-Capsule66" }, { "category": "default_component_of", "full_product_name": { "name": "candlepin-0:2.6.16-1.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch" }, "product_reference": "candlepin-0:2.6.16-1.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "candlepin-0:2.6.16-1.el7sat.src as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src" }, "product_reference": "candlepin-0:2.6.16-1.el7sat.src", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "candlepin-selinux-0:2.6.16-1.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch" }, "product_reference": "candlepin-selinux-0:2.6.16-1.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:1.22.0.39-2.el7sat.src as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src" }, "product_reference": "foreman-0:1.22.0.39-2.el7sat.src", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-cli-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-debug-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-gce-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-gce-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-journald-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-rackspace-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:1.22.0.39-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch" }, "product_reference": "foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.6.3-1.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch" }, "product_reference": "satellite-0:6.6.3-1.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.6.3-1.el7sat.src as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src" }, "product_reference": "satellite-0:6.6.3-1.el7sat.src", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.6.3-1.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch" }, "product_reference": "satellite-capsule-0:6.6.3-1.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.6.3-1.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch" }, "product_reference": "satellite-cli-0:6.6.3-1.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.6.3-1.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch" }, "product_reference": "satellite-common-0:6.6.3-1.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-debug-tools-0:6.6.3-1.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch" }, "product_reference": "satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch" }, "product_reference": "tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src" }, "product_reference": "tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch" }, "product_reference": "tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src" }, "product_reference": "tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch" }, "product_reference": "tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src" }, "product_reference": "tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch" }, "product_reference": "tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "relates_to_product_reference": "7Server-Satellite66" }, { "category": "default_component_of", "full_product_name": { "name": "tfm-rubygem-runcible-0:2.13.0-1.el7sat.src as a component of Red Hat Satellite 6.6", "product_id": "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" }, "product_reference": "tfm-rubygem-runcible-0:2.13.0-1.el7sat.src", "relates_to_product_reference": "7Server-Satellite66" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-12086", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-05-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713468" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12086" }, { "category": "external", "summary": "RHBZ#1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12086", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086" } ], "release_date": "2019-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-16T19:46:36+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:1494" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 0.0, "baseSeverity": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N", "version": "3.0" }, "products": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server." }, { "cve": "CVE-2019-20330", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-01-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1793154" } ], "notes": [ { "category": "description", "text": "FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: lacks certain net.sf.ehcache blocking", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-20330" }, { "category": "external", "summary": "RHBZ#1793154", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793154" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-20330", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20330" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20330", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20330" } ], "release_date": "2020-01-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-16T19:46:36+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:1494" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jackson-databind: lacks certain net.sf.ehcache blocking" }, { "cve": "CVE-2020-8840", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816330" } ], "notes": [ { "category": "description", "text": "A flaw was found in FasterXML jackson-databind in versions 2.0.0 through 2.9.10.2. A \"gadget\" exploit is possible due to a lack of a Java object being blocking from being deserialized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-8840" }, { "category": "external", "summary": "RHBZ#1816330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8840", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8840" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840" } ], "release_date": "2020-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-16T19:46:36+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:1494" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 0.0, "baseSeverity": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N", "version": "3.1" }, "products": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking" }, { "cve": "CVE-2020-9546", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816332" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in shaded-hikari-config", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9546" }, { "category": "external", "summary": "RHBZ#1816332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9546", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9546" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546" } ], "release_date": "2020-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-16T19:46:36+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:1494" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 0.0, "baseSeverity": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N", "version": "3.1" }, "products": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jackson-databind: Serialization gadgets in shaded-hikari-config" }, { "cve": "CVE-2020-9547", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816337" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in ibatis-sqlmap", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9547" }, { "category": "external", "summary": "RHBZ#1816337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9547", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9547" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547" } ], "release_date": "2020-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-16T19:46:36+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:1494" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 0.0, "baseSeverity": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N", "version": "3.1" }, "products": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jackson-databind: Serialization gadgets in ibatis-sqlmap" }, { "cve": "CVE-2020-9548", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816340" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in anteros-core", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9548" }, { "category": "external", "summary": "RHBZ#1816340", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9548", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548" } ], "release_date": "2020-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-16T19:46:36+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:1494" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 0.0, "baseSeverity": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N", "version": "3.1" }, "products": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jackson-databind: Serialization gadgets in anteros-core" }, { "cve": "CVE-2020-10968", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819208" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x prior to version 2.9.10.4. The interaction between serialization gadgets and typing is mishandled in the bus-proxy. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10968" }, { "category": "external", "summary": "RHBZ#1819208", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819208" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10968", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10968" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10968", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10968" } ], "release_date": "2020-03-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-16T19:46:36+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:1494" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 0.0, "baseSeverity": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N", "version": "3.1" }, "products": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider" }, { "cve": "CVE-2020-10969", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819212" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in javax.swing.JEditorPane", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10969" }, { "category": "external", "summary": "RHBZ#1819212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819212" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10969", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10969" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10969", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10969" } ], "release_date": "2020-03-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-16T19:46:36+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:1494" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 0.0, "baseSeverity": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N", "version": "3.1" }, "products": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jackson-databind: Serialization gadgets in javax.swing.JEditorPane" }, { "cve": "CVE-2020-11619", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-04-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1826805" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.springframework:spring-aop", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11619" }, { "category": "external", "summary": "RHBZ#1826805", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826805" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11619", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11619" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11619", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11619" } ], "release_date": "2020-04-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-16T19:46:36+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:1494" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 0.0, "baseSeverity": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N", "version": "3.1" }, "products": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jackson-databind: Serialization gadgets in org.springframework:spring-aop" }, { "cve": "CVE-2020-14060", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-06-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1848960" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.5. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: serialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 and Red Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.\n\nThe version of jackson-databind as shipped in Red Hat Software Collections rh-maven35 is used only while building maven, thus it does not deserialize data coming from untrusted sources, lowering the impact of the vulnerability for the Product.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14060" }, { "category": "external", "summary": "RHBZ#1848960", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848960" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14060", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14060" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14060", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14060" } ], "release_date": "2020-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-16T19:46:36+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:1494" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* enableDefaultTyping()\n* @JsonTypeInfo using id.CLASS or id.MINIMAL_CLASS\n* oadd.org.apache.xalan.lib.sql.JNDIConnectionPool in classpath", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: serialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool" }, { "cve": "CVE-2020-14061", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-06-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1848966" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.5. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: serialization in weblogic/oracle-aqjms", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 and Red Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.\n\nThe version of jackson-databind as shipped in Red Hat Software Collections rh-maven35 is used only while building maven, thus it does not deserialize data coming from untrusted sources, lowering the impact of the vulnerability for the Product.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14061" }, { "category": "external", "summary": "RHBZ#1848966", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848966" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14061", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14061" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14061", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14061" } ], "release_date": "2020-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-16T19:46:36+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:1494" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* enableDefaultTyping()\n* @JsonTypeInfo using id.CLASS or id.MINIMAL_CLASS\n* oracle.jms.AQjms*ConnectionFactory in classpath", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jackson-databind: serialization in weblogic/oracle-aqjms" }, { "cve": "CVE-2020-14062", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-06-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1848962" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.5. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: serialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 and Red Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.\n\nThe version of jackson-databind as shipped in Red Hat Software Collections rh-maven35 is used only while building maven, thus it does not deserialize data coming from untrusted sources, lowering the impact of the vulnerability for the Product.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14062" }, { "category": "external", "summary": "RHBZ#1848962", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848962" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14062", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14062" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14062", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14062" } ], "release_date": "2020-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-16T19:46:36+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:1494" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* enableDefaultTyping()\n* @JsonTypeInfo using id.CLASS or id.MINIMAL_CLASS\n* com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool in classpath", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jackson-databind: serialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool" }, { "cve": "CVE-2020-14195", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-06-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1848958" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.5. FasterXML jackson-databind mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: serialization in org.jsecurity.realm.jndi.JndiRealmFactory", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 and Red Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.\n\nThe version of jackson-databind as shipped in Red Hat Software Collections rh-maven35 is used only while building maven, thus it does not deserialize data coming from untrusted sources, lowering the impact of the vulnerability for the Product.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14195" }, { "category": "external", "summary": "RHBZ#1848958", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848958" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14195", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14195" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14195", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14195" } ], "release_date": "2020-06-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-16T19:46:36+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:1494" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* enableDefaultTyping()\n* @JsonTypeInfo using id.CLASS or id.MINIMAL_CLASS\n* org.jsecurity.realm.jndi.JndiRealmFactory in classpath", "product_ids": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Capsule66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-0:6.6.3-1.el7sat.src", "7Server-Capsule66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Capsule66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:candlepin-0:2.6.16-1.el7sat.src", "7Server-Satellite66:candlepin-selinux-0:2.6.16-1.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-0:1.22.0.39-2.el7sat.src", "7Server-Satellite66:foreman-cli-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-debug-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ec2-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-gce-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-journald-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-libvirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-openstack-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-ovirt-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-postgresql-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-rackspace-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-telemetry-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:foreman-vmware-0:1.22.0.39-2.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-0:6.6.3-1.el7sat.src", "7Server-Satellite66:satellite-capsule-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-cli-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-common-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:satellite-debug-tools-0:6.6.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-fog-ovirt-0:1.2.3-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-foreman_rh_cloud-0:0.9.4.1-2.el7sat.src", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-katello-0:3.12.0.41-1.el7sat.src", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.noarch", "7Server-Satellite66:tfm-rubygem-runcible-0:2.13.0-1.el7sat.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jackson-databind: serialization in org.jsecurity.realm.jndi.JndiRealmFactory" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.