SB2023102352 - Multiple vulnerabilities in Red Hat Satellite 6.12 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023102352

SB2023102352 - Multiple vulnerabilities in Red Hat Satellite 6.12

Published: October 23, 2023 Updated: December 6, 2024

Security Bulletin ID SB2023102352
Severity
High
Patch available
YES
Number of vulnerabilities 9
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 11% Medium 56% Low 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 9 secuirty vulnerabilities.


1) OS Command Injection (CVE-ID: CVE-2022-1292)

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the c_rehash script distributed by some operating systems. A remote attacker with ability to pass data to c_rehash script can and execute arbitrary OS commands with the privileges of the script.



2) OS Command Injection (CVE-ID: CVE-2022-2068)

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the c_rehash script distributed by some operating systems. A remote attacker with ability to pass data to c_rehash script can and execute arbitrary OS commands with the privileges of the script.

The vulnerability exists due to incomplete fix for #VU62765 (CVE-2022-1292).


3) OS Command Injection (CVE-ID: CVE-2022-3874)

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation when processing CoreOS and Fedora CoreOS configurations in templates in foreman. A remote user with administrative privileges can inject arbitrary OS commands into configuration templates and execute them on the system.


4) Code Injection (CVE-ID: CVE-2022-46648)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation. A remote user can use a specially crafted filename and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


5) Code Injection (CVE-ID: CVE-2022-47318)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation. A remote user can use a specially crafted filename and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


6) OS Command Injection (CVE-ID: CVE-2023-0118)

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation when processing templates . A remote privileged user can bypass safe mode and inject and execute arbitrary OS commands via the Report Templates function by modifying the "template" JSON value in the POST request.


7) Code Injection (CVE-ID: CVE-2023-0462)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation in Foreman component. A remote administrator can set global parameters with a YAML payload and execute arbitrary code on the system.


8) Resource exhaustion (CVE-ID: CVE-2023-39325)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to excessive consumption of internal resources when handling HTTP/2 requests. A remote attacker can bypass the http2.Server.MaxConcurrentStreams setting by creating new connections while the current connections are still being processed, trigger resource exhaustion and perform a denial of service (DoS) attack.


9) Resource exhaustion (CVE-ID: CVE-2023-44487)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improperly control of consumption for internal resources when handling HTTP/2 requests with compressed HEADERS frames. A remote attacker can send a sequence of compressed HEADERS frames followed by RST_STREAM frames and perform a denial of service (DoS) attack, a.k.a. "Rapid Reset".

Note, the vulnerability is being actively exploited in the wild.


Remediation

Install update from vendor's website.

References