SB2024050718 - SUSE update for Security Beta update for SUSE Manager Client Tools and Salt
Published: May 7, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 8 secuirty vulnerabilities.
1) Improper input validation (CVE-ID: CVE-2016-8647)
The vulnerability allows an adjacent attacker to bypass security restrictions on the target system.The weakness exists due to input validation error in Ansible's mysql_user module that may lead to incorrect password changing. An adjacent attacker can use the previous password and bypass security restrictions.
Successful exploitation of the vulnerability may result in access to the system.
2) Improper input validation (CVE-ID: CVE-2017-7466)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation when processing responses, send by clients to Ansible server. A remote client can send a specially crafted response and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
3) Information disclosure through log files (CVE-ID: CVE-2017-7550)
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to improper passing of certain parameters to the jenkins_plugin module. A remote attacker can gain access to potentially sensitive sensitive information from a remote host's logs.
4) Privilege escalation (CVE-ID: CVE-2018-10874)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists due to the system reads the 'ansible.cfg' file from the current working directory when running an ad-hoc command. A local attacker can modify the file to reference arbitrary plugin or module paths and execute arbitrary code from those paths with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
5) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2020-14365)
The vulnerability allows a local authenticated user to #BASIC_IMPACT#.
A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.
6) Code Injection (CVE-ID: CVE-2023-5764)
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation when handling templates. A remote user can remove the unsafe designation from template data and execute arbitrary code on the system.
7) Incorrect authorization (CVE-ID: CVE-2023-6152)
The vulnerability allows a remote attacker to bypass email verification.
The vulnerability exists due to email addresses are verified only during sign up, if "verify_email_enabled" option is set. A remote attacker can register an account and then set an arbitrary email address without verification.
8) Memory leak (CVE-ID: CVE-2024-0690)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due memory leak caused by a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. A local user can gain access to potentially sensitive information.
Remediation
Install update from vendor's website.