rhsa-2016:0426
Vulnerability from csaf_redhat
Published
2016-03-09 20:20
Modified
2024-11-14 15:35
Summary
Red Hat Security Advisory: redhat-support-plugin-rhev security, bug fix and enhancement update

Notes

Topic
Updated redhat-support-plugin-rhev packages that fix a security flaw and a bug are now available. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Details
The Red Hat Support plug-in for Red Hat Enterprise Virtualization offers seamless integrated access to Red Hat subscription services from the Red Hat Enterprise Virtualization administration portal. The plug-in provides automated functionality that enables quicker help, answers, and proactive services. It offers easy and instant access to Red Hat exclusive knowledge, resources, engagement, and diagnostic features. It was found that redhat-support-plugin-rhev passed a user-specified path and file name directly to the command line in the log viewer component. This could allow users with the SuperUser role on any Entity to execute arbitrary commands on any host in the RHEV environment. (CVE-2015-7544) All Red Hat Enterprise Virtualization Manager users are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated redhat-support-plugin-rhev packages that fix a security flaw \nand a bug are now available.\n\nRed Hat Product Security has rated this update as having Important \nsecurity impact. Common Vulnerability Scoring System (CVSS) base \nscores, which give detailed severity ratings, are available for each \nvulnerability from the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Red Hat Support plug-in for Red Hat Enterprise Virtualization \noffers seamless integrated access to Red Hat subscription services \nfrom the Red Hat Enterprise Virtualization administration portal. The \nplug-in provides automated functionality that enables quicker help, \nanswers, and proactive services. It offers easy and instant access to \nRed Hat exclusive knowledge, resources, engagement, and diagnostic \nfeatures.\n\nIt was found that redhat-support-plugin-rhev passed a user-specified \npath and file name directly to the command line in the log viewer \ncomponent. This could allow users with the SuperUser role on any \nEntity to execute arbitrary commands on any host in the RHEV \nenvironment. (CVE-2015-7544)\n\nAll Red Hat Enterprise Virtualization Manager users are advised to \nupgrade to these updated packages.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2016:0426",
        "url": "https://access.redhat.com/errata/RHSA-2016:0426"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1138310",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1138310"
      },
      {
        "category": "external",
        "summary": "1173074",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1173074"
      },
      {
        "category": "external",
        "summary": "1269588",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1269588"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0426.json"
      }
    ],
    "title": "Red Hat Security Advisory: redhat-support-plugin-rhev security, bug fix and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-14T15:35:53+00:00",
      "generator": {
        "date": "2024-11-14T15:35:53+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.0"
        }
      },
      "id": "RHSA-2016:0426",
      "initial_release_date": "2016-03-09T20:20:37+00:00",
      "revision_history": [
        {
          "date": "2016-03-09T20:20:37+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2016-03-09T20:20:37+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-14T15:35:53+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHEV-M 3.6",
                "product": {
                  "name": "RHEV-M 3.6",
                  "product_id": "6Server-RHEV-S-3.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhev_manager:3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Virtualization"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redhat-support-plugin-rhev-0:3.6.0-12.el6.noarch",
                "product": {
                  "name": "redhat-support-plugin-rhev-0:3.6.0-12.el6.noarch",
                  "product_id": "redhat-support-plugin-rhev-0:3.6.0-12.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/redhat-support-plugin-rhev@3.6.0-12.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redhat-support-plugin-rhev-0:3.6.0-12.el6.src",
                "product": {
                  "name": "redhat-support-plugin-rhev-0:3.6.0-12.el6.src",
                  "product_id": "redhat-support-plugin-rhev-0:3.6.0-12.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/redhat-support-plugin-rhev@3.6.0-12.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redhat-support-plugin-rhev-0:3.6.0-12.el6.noarch as a component of RHEV-M 3.6",
          "product_id": "6Server-RHEV-S-3.6:redhat-support-plugin-rhev-0:3.6.0-12.el6.noarch"
        },
        "product_reference": "redhat-support-plugin-rhev-0:3.6.0-12.el6.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redhat-support-plugin-rhev-0:3.6.0-12.el6.src as a component of RHEV-M 3.6",
          "product_id": "6Server-RHEV-S-3.6:redhat-support-plugin-rhev-0:3.6.0-12.el6.src"
        },
        "product_reference": "redhat-support-plugin-rhev-0:3.6.0-12.el6.src",
        "relates_to_product_reference": "6Server-RHEV-S-3.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Alexander Wels"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2015-7544",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2015-10-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1269588"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that redhat-support-plugin-rhev passed a user-specified path and file name directly to the command line in the log viewer component. This could allow users with the SuperUser role on any Entity to execute arbitrary commands on any host in the RHEV environment.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "redhat-support-plugin-rhev: Remote code execution by SuperUser role on hosts in RHEV",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHEV-S-3.6:redhat-support-plugin-rhev-0:3.6.0-12.el6.noarch",
          "6Server-RHEV-S-3.6:redhat-support-plugin-rhev-0:3.6.0-12.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-7544"
        },
        {
          "category": "external",
          "summary": "RHBZ#1269588",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1269588"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-7544",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-7544"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7544",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7544"
        }
      ],
      "release_date": "2015-12-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-09T20:20:37+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHEV-S-3.6:redhat-support-plugin-rhev-0:3.6.0-12.el6.noarch",
            "6Server-RHEV-S-3.6:redhat-support-plugin-rhev-0:3.6.0-12.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0426"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.6,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "products": [
            "6Server-RHEV-S-3.6:redhat-support-plugin-rhev-0:3.6.0-12.el6.noarch",
            "6Server-RHEV-S-3.6:redhat-support-plugin-rhev-0:3.6.0-12.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "redhat-support-plugin-rhev: Remote code execution by SuperUser role on hosts in RHEV"
    }
  ]
}

