Vulnerability-Lookup

WID-SEC-W-2023-2862

Vulnerability from csaf_certbund - Published: 2023-11-08 23:00 - Updated: 2024-12-12 23:00

Summary

Red Hat Enterprise Linux: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.

Angriff: Ein entfernter Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um vertrauliche Informationen offenzulegen oder einen nicht näher spezifizierten Angriff zu starten.

Betroffene Betriebssysteme: - Linux

CVE-2023-37920

Es besteht eine Schwachstelle in Red Hat Enterprise Linux, die auftritt, wenn das e-Tugra-Root-Zertifikat in Certifi entfernt wird. Ein Angreifer kann diese Schwachstelle ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen.

CVE-2023-43804

Es besteht eine Schwachstelle in Red Hat Enterprise Linux. Dieser Fehler besteht in der urllib3-Komponente, die es ermöglicht, einen `Cookie`-Header zu spezifizieren und unwissentlich Informationen über HTTP-Umleitungen zu einem anderen Ursprung weiterzugeben. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.

References

URL

Category

	https://wid.cert-bund.de/.well-known/csaf/white/2…	self
	https://wid.cert-bund.de/portal/wid/securityadvis…	self
	https://access.redhat.com/errata/RHSA-2023:6812	external
	https://ubuntu.com/security/notices/USN-6473-2	external
	https://access.redhat.com/errata/RHSA-2023:7407	external
	https://access.redhat.com/errata/RHSA-2023:7378	external
	https://access.redhat.com/errata/RHSA-2023:7435	external
	https://access.redhat.com/errata/RHSA-2023:7385	external
	https://access.redhat.com/errata/RHSA-2023:7528	external
	https://access.redhat.com/errata/RHSA-2023:7523	external
	https://access.redhat.com/errata/RHSA-2023:7753	external
	https://linux.oracle.com/errata/ELSA-2023-7753.html	external
	http://linux.oracle.com/errata/ELSA-2024-0116.html	external
	https://access.redhat.com/errata/RHSA-2024:0116	external
	https://access.redhat.com/errata/RHSA-2024:0133	external
	http://linux.oracle.com/errata/ELSA-2024-0133.html	external
	https://access.redhat.com/errata/RHSA-2024:0187	external
	https://access.redhat.com/errata/RHSA-2024:0300	external
	https://linux.oracle.com/errata/ELSA-2024-0464.html	external
	https://access.redhat.com/errata/RHSA-2024:0464	external
	https://access.redhat.com/errata/RHSA-2024:0588	external
	https://access.redhat.com/errata/RHSA-2024:0733	external
	https://access.redhat.com/errata/RHSA-2024:1383	external
	https://access.redhat.com/errata/RHSA-2024:2159	external
	https://access.redhat.com/errata/RHSA-2024:2987	external
	https://access.redhat.com/errata/RHSA-2024:2986	external
	https://access.redhat.com/errata/RHSA-2024:2985	external
	https://linux.oracle.com/errata/ELSA-2024-2987.html	external
	https://linux.oracle.com/errata/ELSA-2024-2985.html	external
	https://www.ibm.com/support/pages/node/7173420	external
	https://access.redhat.com/errata/RHSA-2024:8228	external
	https://access.redhat.com/errata/RHSA-2024:8318	external
	https://security.netapp.com/advisory/ntap-2024121…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um vertrauliche Informationen offenzulegen oder einen nicht n\u00e4her spezifizierten Angriff zu starten.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2862 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2862.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2862 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2862"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2023-11-08",
        "url": "https://access.redhat.com/errata/RHSA-2023:6812"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6473-2 vom 2023-11-15",
        "url": "https://ubuntu.com/security/notices/USN-6473-2"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7407 vom 2023-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2023:7407"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7378 vom 2023-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2023:7378"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7435 vom 2023-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2023:7435"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7385 vom 2023-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2023:7385"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7528 vom 2023-11-28",
        "url": "https://access.redhat.com/errata/RHSA-2023:7528"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7523 vom 2023-11-28",
        "url": "https://access.redhat.com/errata/RHSA-2023:7523"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7753 vom 2023-12-13",
        "url": "https://access.redhat.com/errata/RHSA-2023:7753"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2023-7753 vom 2023-12-19",
        "url": "https://linux.oracle.com/errata/ELSA-2023-7753.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0116 vom 2024-01-11",
        "url": "http://linux.oracle.com/errata/ELSA-2024-0116.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0116 vom 2024-01-10",
        "url": "https://access.redhat.com/errata/RHSA-2024:0116"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0133 vom 2024-01-10",
        "url": "https://access.redhat.com/errata/RHSA-2024:0133"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0133 vom 2024-01-13",
        "url": "http://linux.oracle.com/errata/ELSA-2024-0133.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0187 vom 2024-01-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:0187"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0300 vom 2024-01-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:0300"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0464 vom 2024-01-25",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0464.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0464 vom 2024-01-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:0464"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0588 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0588"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0322 vom 2024-02-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:0733"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1383 vom 2024-03-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:1383"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2159 vom 2024-04-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:2159"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2987 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:2987"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2986 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:2986"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2985 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:2985"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-2987 vom 2024-05-28",
        "url": "https://linux.oracle.com/errata/ELSA-2024-2987.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-2985 vom 2024-05-28",
        "url": "https://linux.oracle.com/errata/ELSA-2024-2985.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7173420 vom 2024-10-17",
        "url": "https://www.ibm.com/support/pages/node/7173420"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8228 vom 2024-10-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:8228"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8318 vom 2024-10-23",
        "url": "https://access.redhat.com/errata/RHSA-2024:8318"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20241213-0007 vom 2024-12-13",
        "url": "https://security.netapp.com/advisory/ntap-20241213-0007/"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat Enterprise Linux: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-12-12T23:00:00.000+00:00",
      "generator": {
        "date": "2024-12-13T12:42:16.264+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2023-2862",
      "initial_release_date": "2023-11-08T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-11-08T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-11-15T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2023-11-21T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-11-28T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-12-12T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-12-19T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-01-10T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
        },
        {
          "date": "2024-01-14T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-01-16T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-01-18T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-01-25T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
        },
        {
          "date": "2024-01-30T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-02-07T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-03-19T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-04-29T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-28T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-10-17T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-10-22T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-23T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-12-12T23:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von NetApp aufgenommen"
        }
      ],
      "status": "final",
      "version": "21"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "NetApp ActiveIQ Unified Manager",
            "product": {
              "name": "NetApp ActiveIQ Unified Manager",
              "product_id": "T037607",
              "product_identification_helper": {
                "cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "NetApp"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "T030999",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.17.2",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.17.2",
                  "product_id": "T038527"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.17.2",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.17.2",
                  "product_id": "T038527-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.17.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenShift"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c17.1",
                "product": {
                  "name": "Red Hat OpenStack \u003c17.1",
                  "product_id": "T029321"
                }
              },
              {
                "category": "product_version",
                "name": "17.1",
                "product": {
                  "name": "Red Hat OpenStack 17.1",
                  "product_id": "T029321-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openstack:17.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenStack"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-37920",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Red Hat Enterprise Linux, die auftritt, wenn das e-Tugra-Root-Zertifikat in Certifi entfernt wird. Ein Angreifer kann diese Schwachstelle ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029321",
          "T037607",
          "67646",
          "T038527",
          "T000126",
          "T030999",
          "T004914"
        ]
      },
      "release_date": "2023-11-08T23:00:00.000+00:00",
      "title": "CVE-2023-37920"
    },
    {
      "cve": "CVE-2023-43804",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Red Hat Enterprise Linux. Dieser Fehler besteht in der urllib3-Komponente, die es erm\u00f6glicht, einen `Cookie`-Header zu spezifizieren und unwissentlich Informationen \u00fcber HTTP-Umleitungen zu einem anderen Ursprung weiterzugeben. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029321",
          "T037607",
          "67646",
          "T038527",
          "T000126",
          "T030999",
          "T004914"
        ]
      },
      "release_date": "2023-11-08T23:00:00.000+00:00",
      "title": "CVE-2023-43804"
    }
  ]
}

CVE-2023-43804 (GCVE-0-2023-43804)

Vulnerability from cvelistv5 – Published: 2023-10-04 16:01 – Updated: 2025-11-03 21:49

Title

`Cookie` HTTP header isn't stripped on cross-origin redirects

Summary

urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn't disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5.

Severity ?

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

GitHub_M

References

URL

	Vendor	Product	Version
	urllib3	urllib3	Affected: >= 2.0.0, < 2.0.6 Affected: < 1.26.17

CVE-2023-37920 (GCVE-0-2023-37920)

Vulnerability from cvelistv5 – Published: 2023-07-25 20:45 – Updated: 2025-03-05 18:47

Title

Certifi's removal of e-Tugra root certificate

Summary

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE

CWE-345 - Insufficient Verification of Data Authenticity

Assigner

GitHub_M

References

URL

	Vendor	Product	Version
	certifi	python-certifi	Affected: >= 2015.04.28, < 2023.07.22

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2023-2862

CVE-2023-43804 (GCVE-0-2023-43804)

CVE-2023-37920 (GCVE-0-2023-37920)

Tags

Sightings

Nomenclature