Risk | High |
Patch available | YES |
Number of vulnerabilities | 12 |
CVE-ID | CVE-2022-1292 CVE-2022-2068 CVE-2022-24439 CVE-2022-46648 CVE-2022-47318 CVE-2023-31047 CVE-2023-36053 CVE-2023-39325 CVE-2023-40267 CVE-2023-44487 CVE-2022-3874 CVE-2023-0462 |
CWE-ID | CWE-78 CWE-94 CWE-434 CWE-1333 CWE-400 CWE-20 |
Exploitation vector | Network |
Public exploit |
Public exploit code for vulnerability #1 is available. Vulnerability #10 is being exploited in the wild. |
Vulnerable software |
Red Hat Satellite Server applications / Other server solutions Red Hat Enterprise Linux for x86_64 Operating systems & Components / Operating system yggdrasil-worker-forwarder (Red Hat package) Operating systems & Components / Operating system package or component satellite (Red Hat package) Operating systems & Components / Operating system package or component rubygem-katello (Red Hat package) Operating systems & Components / Operating system package or component rubygem-git (Red Hat package) Operating systems & Components / Operating system package or component rubygem-foreman_theme_satellite (Red Hat package) Operating systems & Components / Operating system package or component rubygem-foreman_rh_cloud (Red Hat package) Operating systems & Components / Operating system package or component rubygem-foreman_maintain (Red Hat package) Operating systems & Components / Operating system package or component python-pulpcore (Red Hat package) Operating systems & Components / Operating system package or component python-gitpython (Red Hat package) Operating systems & Components / Operating system package or component python-django (Red Hat package) Operating systems & Components / Operating system package or component puppet-agent (Red Hat package) Operating systems & Components / Operating system package or component pulpcore-selinux (Red Hat package) Operating systems & Components / Operating system package or component foreman-installer (Red Hat package) Operating systems & Components / Operating system package or component foreman (Red Hat package) Operating systems & Components / Operating system package or component |
Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
EUVDB-ID: #VU62765
Risk: Medium
CVSSv4.0: 8.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2022-1292
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the c_rehash script distributed by some operating systems. A remote attacker with ability to pass data to c_rehash script can and execute arbitrary OS commands with the privileges of the script.
Install updates from vendor's website.
Red Hat Satellite: 6.13 - 6.13.4
Red Hat Enterprise Linux for x86_64: 8.0
yggdrasil-worker-forwarder (Red Hat package): before 0.0.3-1.el8sat
satellite (Red Hat package): before 6.13.5-1.el8sat
rubygem-katello (Red Hat package): before 4.7.0.33-1.el8sat
rubygem-git (Red Hat package): before 1.18.0-1.el8sat
rubygem-foreman_theme_satellite (Red Hat package): before 11.0.0.6-1.el8sat
rubygem-foreman_rh_cloud (Red Hat package): before 7.0.48-1.el8sat
rubygem-foreman_maintain (Red Hat package): before 1.2.12-1.el8sat
python-pulpcore (Red Hat package): before 3.21.18-1.el8pc
python-gitpython (Red Hat package): before 3.1.32-1.el8pc
python-django (Red Hat package): before 3.2.21-1.el8pc
puppet-agent (Red Hat package): before 7.26.0-3.el8sat
pulpcore-selinux (Red Hat package): before 1.3.3-1.el8pc
foreman-installer (Red Hat package): before 3.5.2.4-1.el8sat
foreman (Red Hat package): before 3.5.1.23-1.el8sat
CPE2.3https://access.redhat.com/errata/RHSA-2023:5931
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU64559
Risk: Medium
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-2068
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the c_rehash script distributed by some operating systems. A remote attacker with ability to pass data to c_rehash script can and execute arbitrary OS commands with the privileges of the script.
The vulnerability exists due to incomplete fix for #VU62765 (CVE-2022-1292).
Install updates from vendor's website.
Red Hat Satellite: 6.13 - 6.13.4
Red Hat Enterprise Linux for x86_64: 8.0
yggdrasil-worker-forwarder (Red Hat package): before 0.0.3-1.el8sat
satellite (Red Hat package): before 6.13.5-1.el8sat
rubygem-katello (Red Hat package): before 4.7.0.33-1.el8sat
rubygem-git (Red Hat package): before 1.18.0-1.el8sat
rubygem-foreman_theme_satellite (Red Hat package): before 11.0.0.6-1.el8sat
rubygem-foreman_rh_cloud (Red Hat package): before 7.0.48-1.el8sat
rubygem-foreman_maintain (Red Hat package): before 1.2.12-1.el8sat
python-pulpcore (Red Hat package): before 3.21.18-1.el8pc
python-gitpython (Red Hat package): before 3.1.32-1.el8pc
python-django (Red Hat package): before 3.2.21-1.el8pc
puppet-agent (Red Hat package): before 7.26.0-3.el8sat
pulpcore-selinux (Red Hat package): before 1.3.3-1.el8pc
foreman-installer (Red Hat package): before 3.5.2.4-1.el8sat
foreman (Red Hat package): before 3.5.1.23-1.el8sat
CPE2.3https://access.redhat.com/errata/RHSA-2023:5931
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU79630
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2022-24439
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation when handling URL. A remote unauthenticated attacker can pass specially crafted data to the application and inject a maliciously crafted remote URL into the clone command.
MitigationInstall updates from vendor's website.
Red Hat Satellite: 6.13 - 6.13.4
Red Hat Enterprise Linux for x86_64: 8.0
yggdrasil-worker-forwarder (Red Hat package): before 0.0.3-1.el8sat
satellite (Red Hat package): before 6.13.5-1.el8sat
rubygem-katello (Red Hat package): before 4.7.0.33-1.el8sat
rubygem-git (Red Hat package): before 1.18.0-1.el8sat
rubygem-foreman_theme_satellite (Red Hat package): before 11.0.0.6-1.el8sat
rubygem-foreman_rh_cloud (Red Hat package): before 7.0.48-1.el8sat
rubygem-foreman_maintain (Red Hat package): before 1.2.12-1.el8sat
python-pulpcore (Red Hat package): before 3.21.18-1.el8pc
python-gitpython (Red Hat package): before 3.1.32-1.el8pc
python-django (Red Hat package): before 3.2.21-1.el8pc
puppet-agent (Red Hat package): before 7.26.0-3.el8sat
pulpcore-selinux (Red Hat package): before 1.3.3-1.el8pc
foreman-installer (Red Hat package): before 3.5.2.4-1.el8sat
foreman (Red Hat package): before 3.5.1.23-1.el8sat
CPE2.3https://access.redhat.com/errata/RHSA-2023:5931
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU70699
Risk: Medium
CVSSv4.0: 5.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-46648
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. A remote user can use a specially crafted filename and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat Satellite: 6.13 - 6.13.4
Red Hat Enterprise Linux for x86_64: 8.0
yggdrasil-worker-forwarder (Red Hat package): before 0.0.3-1.el8sat
satellite (Red Hat package): before 6.13.5-1.el8sat
rubygem-katello (Red Hat package): before 4.7.0.33-1.el8sat
rubygem-git (Red Hat package): before 1.18.0-1.el8sat
rubygem-foreman_theme_satellite (Red Hat package): before 11.0.0.6-1.el8sat
rubygem-foreman_rh_cloud (Red Hat package): before 7.0.48-1.el8sat
rubygem-foreman_maintain (Red Hat package): before 1.2.12-1.el8sat
python-pulpcore (Red Hat package): before 3.21.18-1.el8pc
python-gitpython (Red Hat package): before 3.1.32-1.el8pc
python-django (Red Hat package): before 3.2.21-1.el8pc
puppet-agent (Red Hat package): before 7.26.0-3.el8sat
pulpcore-selinux (Red Hat package): before 1.3.3-1.el8pc
foreman-installer (Red Hat package): before 3.5.2.4-1.el8sat
foreman (Red Hat package): before 3.5.1.23-1.el8sat
CPE2.3https://access.redhat.com/errata/RHSA-2023:5931
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU70700
Risk: Medium
CVSSv4.0: 5.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-47318
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. A remote user can use a specially crafted filename and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat Satellite: 6.13 - 6.13.4
Red Hat Enterprise Linux for x86_64: 8.0
yggdrasil-worker-forwarder (Red Hat package): before 0.0.3-1.el8sat
satellite (Red Hat package): before 6.13.5-1.el8sat
rubygem-katello (Red Hat package): before 4.7.0.33-1.el8sat
rubygem-git (Red Hat package): before 1.18.0-1.el8sat
rubygem-foreman_theme_satellite (Red Hat package): before 11.0.0.6-1.el8sat
rubygem-foreman_rh_cloud (Red Hat package): before 7.0.48-1.el8sat
rubygem-foreman_maintain (Red Hat package): before 1.2.12-1.el8sat
python-pulpcore (Red Hat package): before 3.21.18-1.el8pc
python-gitpython (Red Hat package): before 3.1.32-1.el8pc
python-django (Red Hat package): before 3.2.21-1.el8pc
puppet-agent (Red Hat package): before 7.26.0-3.el8sat
pulpcore-selinux (Red Hat package): before 1.3.3-1.el8pc
foreman-installer (Red Hat package): before 3.5.2.4-1.el8sat
foreman (Red Hat package): before 3.5.1.23-1.el8sat
CPE2.3https://access.redhat.com/errata/RHSA-2023:5931
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75707
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-31047
CWE-ID:
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to the application does not perform validation of files when using one form field for uploading multiple files. A remote attacker can upload a malicious file and execute it on the server.
MitigationInstall updates from vendor's website.
Red Hat Satellite: 6.13 - 6.13.4
Red Hat Enterprise Linux for x86_64: 8.0
yggdrasil-worker-forwarder (Red Hat package): before 0.0.3-1.el8sat
satellite (Red Hat package): before 6.13.5-1.el8sat
rubygem-katello (Red Hat package): before 4.7.0.33-1.el8sat
rubygem-git (Red Hat package): before 1.18.0-1.el8sat
rubygem-foreman_theme_satellite (Red Hat package): before 11.0.0.6-1.el8sat
rubygem-foreman_rh_cloud (Red Hat package): before 7.0.48-1.el8sat
rubygem-foreman_maintain (Red Hat package): before 1.2.12-1.el8sat
python-pulpcore (Red Hat package): before 3.21.18-1.el8pc
python-gitpython (Red Hat package): before 3.1.32-1.el8pc
python-django (Red Hat package): before 3.2.21-1.el8pc
puppet-agent (Red Hat package): before 7.26.0-3.el8sat
pulpcore-selinux (Red Hat package): before 1.3.3-1.el8pc
foreman-installer (Red Hat package): before 3.5.2.4-1.el8sat
foreman (Red Hat package): before 3.5.1.23-1.el8sat
CPE2.3https://access.redhat.com/errata/RHSA-2023:5931
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU77880
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-36053
CWE-ID:
CWE-1333 - Inefficient Regular Expression Complexity
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when processing untrusted input with a regular expressions within EmailValidator and URLValidator. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
Install updates from vendor's website.
Red Hat Satellite: 6.13 - 6.13.4
Red Hat Enterprise Linux for x86_64: 8.0
yggdrasil-worker-forwarder (Red Hat package): before 0.0.3-1.el8sat
satellite (Red Hat package): before 6.13.5-1.el8sat
rubygem-katello (Red Hat package): before 4.7.0.33-1.el8sat
rubygem-git (Red Hat package): before 1.18.0-1.el8sat
rubygem-foreman_theme_satellite (Red Hat package): before 11.0.0.6-1.el8sat
rubygem-foreman_rh_cloud (Red Hat package): before 7.0.48-1.el8sat
rubygem-foreman_maintain (Red Hat package): before 1.2.12-1.el8sat
python-pulpcore (Red Hat package): before 3.21.18-1.el8pc
python-gitpython (Red Hat package): before 3.1.32-1.el8pc
python-django (Red Hat package): before 3.2.21-1.el8pc
puppet-agent (Red Hat package): before 7.26.0-3.el8sat
pulpcore-selinux (Red Hat package): before 1.3.3-1.el8pc
foreman-installer (Red Hat package): before 3.5.2.4-1.el8sat
foreman (Red Hat package): before 3.5.1.23-1.el8sat
CPE2.3https://access.redhat.com/errata/RHSA-2023:5931
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82064
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-39325
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to excessive consumption of internal resources when handling HTTP/2 requests. A remote attacker can bypass the http2.Server.MaxConcurrentStreams setting by creating new connections while the current connections are still being processed, trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Satellite: 6.13 - 6.13.4
Red Hat Enterprise Linux for x86_64: 8.0
yggdrasil-worker-forwarder (Red Hat package): before 0.0.3-1.el8sat
satellite (Red Hat package): before 6.13.5-1.el8sat
rubygem-katello (Red Hat package): before 4.7.0.33-1.el8sat
rubygem-git (Red Hat package): before 1.18.0-1.el8sat
rubygem-foreman_theme_satellite (Red Hat package): before 11.0.0.6-1.el8sat
rubygem-foreman_rh_cloud (Red Hat package): before 7.0.48-1.el8sat
rubygem-foreman_maintain (Red Hat package): before 1.2.12-1.el8sat
python-pulpcore (Red Hat package): before 3.21.18-1.el8pc
python-gitpython (Red Hat package): before 3.1.32-1.el8pc
python-django (Red Hat package): before 3.2.21-1.el8pc
puppet-agent (Red Hat package): before 7.26.0-3.el8sat
pulpcore-selinux (Red Hat package): before 1.3.3-1.el8pc
foreman-installer (Red Hat package): before 3.5.2.4-1.el8sat
foreman (Red Hat package): before 3.5.1.23-1.el8sat
CPE2.3https://access.redhat.com/errata/RHSA-2023:5931
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU79631
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-40267
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can pass specially crafted input to the application and compromise the affected system.
Note, the vulnerability exists due to incomplete fix for CVE-2022-24439.
Install updates from vendor's website.
Red Hat Satellite: 6.13 - 6.13.4
Red Hat Enterprise Linux for x86_64: 8.0
yggdrasil-worker-forwarder (Red Hat package): before 0.0.3-1.el8sat
satellite (Red Hat package): before 6.13.5-1.el8sat
rubygem-katello (Red Hat package): before 4.7.0.33-1.el8sat
rubygem-git (Red Hat package): before 1.18.0-1.el8sat
rubygem-foreman_theme_satellite (Red Hat package): before 11.0.0.6-1.el8sat
rubygem-foreman_rh_cloud (Red Hat package): before 7.0.48-1.el8sat
rubygem-foreman_maintain (Red Hat package): before 1.2.12-1.el8sat
python-pulpcore (Red Hat package): before 3.21.18-1.el8pc
python-gitpython (Red Hat package): before 3.1.32-1.el8pc
python-django (Red Hat package): before 3.2.21-1.el8pc
puppet-agent (Red Hat package): before 7.26.0-3.el8sat
pulpcore-selinux (Red Hat package): before 1.3.3-1.el8pc
foreman-installer (Red Hat package): before 3.5.2.4-1.el8sat
foreman (Red Hat package): before 3.5.1.23-1.el8sat
CPE2.3https://access.redhat.com/errata/RHSA-2023:5931
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81728
Risk: High
CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A/U:Amber]
CVE-ID: CVE-2023-44487
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improperly control of consumption for internal resources when handling HTTP/2 requests with compressed HEADERS frames. A remote attacker can send a sequence of compressed HEADERS frames followed by RST_STREAM frames and perform a denial of service (DoS) attack, a.k.a. "Rapid Reset".
Note, the vulnerability is being actively exploited in the wild.
Install updates from vendor's website.
Red Hat Satellite: 6.13 - 6.13.4
Red Hat Enterprise Linux for x86_64: 8.0
yggdrasil-worker-forwarder (Red Hat package): before 0.0.3-1.el8sat
satellite (Red Hat package): before 6.13.5-1.el8sat
rubygem-katello (Red Hat package): before 4.7.0.33-1.el8sat
rubygem-git (Red Hat package): before 1.18.0-1.el8sat
rubygem-foreman_theme_satellite (Red Hat package): before 11.0.0.6-1.el8sat
rubygem-foreman_rh_cloud (Red Hat package): before 7.0.48-1.el8sat
rubygem-foreman_maintain (Red Hat package): before 1.2.12-1.el8sat
python-pulpcore (Red Hat package): before 3.21.18-1.el8pc
python-gitpython (Red Hat package): before 3.1.32-1.el8pc
python-django (Red Hat package): before 3.2.21-1.el8pc
puppet-agent (Red Hat package): before 7.26.0-3.el8sat
pulpcore-selinux (Red Hat package): before 1.3.3-1.el8pc
foreman-installer (Red Hat package): before 3.5.2.4-1.el8sat
foreman (Red Hat package): before 3.5.1.23-1.el8sat
CPE2.3https://access.redhat.com/errata/RHSA-2023:5931
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
EUVDB-ID: #VU82279
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-3874
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation when processing CoreOS and Fedora CoreOS configurations in templates in foreman. A remote user with administrative privileges can inject arbitrary OS commands into configuration templates and execute them on the system.
Install updates from vendor's website.
Red Hat Satellite: 6.13 - 6.13.4
Red Hat Enterprise Linux for x86_64: 8.0
yggdrasil-worker-forwarder (Red Hat package): before 0.0.3-1.el8sat
satellite (Red Hat package): before 6.13.5-1.el8sat
rubygem-katello (Red Hat package): before 4.7.0.33-1.el8sat
rubygem-git (Red Hat package): before 1.18.0-1.el8sat
rubygem-foreman_theme_satellite (Red Hat package): before 11.0.0.6-1.el8sat
rubygem-foreman_rh_cloud (Red Hat package): before 7.0.48-1.el8sat
rubygem-foreman_maintain (Red Hat package): before 1.2.12-1.el8sat
python-pulpcore (Red Hat package): before 3.21.18-1.el8pc
python-gitpython (Red Hat package): before 3.1.32-1.el8pc
python-django (Red Hat package): before 3.2.21-1.el8pc
puppet-agent (Red Hat package): before 7.26.0-3.el8sat
pulpcore-selinux (Red Hat package): before 1.3.3-1.el8pc
foreman-installer (Red Hat package): before 3.5.2.4-1.el8sat
foreman (Red Hat package): before 3.5.1.23-1.el8sat
CPE2.3https://access.redhat.com/errata/RHSA-2023:5931
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82280
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-0462
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation in Foreman component. A remote administrator can set global parameters with a YAML payload and execute arbitrary code on the system.
Install updates from vendor's website.
Red Hat Satellite: 6.13 - 6.13.4
Red Hat Enterprise Linux for x86_64: 8.0
yggdrasil-worker-forwarder (Red Hat package): before 0.0.3-1.el8sat
satellite (Red Hat package): before 6.13.5-1.el8sat
rubygem-katello (Red Hat package): before 4.7.0.33-1.el8sat
rubygem-git (Red Hat package): before 1.18.0-1.el8sat
rubygem-foreman_theme_satellite (Red Hat package): before 11.0.0.6-1.el8sat
rubygem-foreman_rh_cloud (Red Hat package): before 7.0.48-1.el8sat
rubygem-foreman_maintain (Red Hat package): before 1.2.12-1.el8sat
python-pulpcore (Red Hat package): before 3.21.18-1.el8pc
python-gitpython (Red Hat package): before 3.1.32-1.el8pc
python-django (Red Hat package): before 3.2.21-1.el8pc
puppet-agent (Red Hat package): before 7.26.0-3.el8sat
pulpcore-selinux (Red Hat package): before 1.3.3-1.el8pc
foreman-installer (Red Hat package): before 3.5.2.4-1.el8sat
foreman (Red Hat package): before 3.5.1.23-1.el8sat
CPE2.3https://access.redhat.com/errata/RHSA-2023:5931
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.