#VU97594 Improper Authentication in Red Hat Satellite - CVE-2024-7923

Cybersecurity Help s.r.o.

Published: 2024-09-19

Vulnerability identifier: #VU97594

Vulnerability risk: High

CVSSv4.0: 8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-7923

CWE-ID: CWE-287

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Red Hat Satellite
Server applications / Other server solutions

Vendor: Red Hat Inc.

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in the puppet-pulpcore configuration when deployed with Gunicorn versions prior to 22.0. A remote attacker can send a specially crafted HTTP request to bypass authentication process and gain administrative access to the application.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Red Hat Satellite: 6 - 6.14.3

External links
https://access.redhat.com/security/cve/CVE-2024-7923
https://bugzilla.redhat.com/show_bug.cgi?id=2305718
https://access.redhat.com/errata/RHSA-2024:6335
https://access.redhat.com/errata/RHSA-2024:6336
https://access.redhat.com/errata/RHSA-2024:6337

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Red Hat Satellite

Multiple vulnerabilities in Red Hat Satellite 6.13.7

Multiple vulnerabilities in Red Hat Satellite 6.14.4

Multiple vulnerabilities in Red Hat Satellite 6.15.3