Search

Find a vulnerability

Search criteria

    14 vulnerabilities found for Red Hat Satellite 6.14 for RHEL 8 by Red Hat

    CVE-2024-8553 (GCVE-0-2024-8553)

    Vulnerability from nvd – Published: 2024-10-31 15:01 – Updated: 2025-11-11 16:10
    VLAI
    Title
    Foreman: read-only access to entire db from templates
    Summary
    A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman's database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:8717 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8718 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8719 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8906 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-8553 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2312524 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 0:3.5.1.25-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.13::el8
        cpe:/a:redhat:satellite_maintenance:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_utils:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 0:3.7.0.14-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 0:3.9.1.11-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
    Create a notification for this product.
    Date Public
    2024-10-31 14:29
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8553",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-31T15:52:21.343746Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-31T15:52:36.245Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/foreman",
              "defaultStatus": "affected",
              "packageName": "foreman"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_maintenance:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.1.25-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.14-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.9.1.11-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-10-31T14:29:39.030Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Foreman\u0027s loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman\u0027s database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T16:10:06.757Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:8717",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8717"
            },
            {
              "name": "RHSA-2024:8718",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8718"
            },
            {
              "name": "RHSA-2024:8719",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8719"
            },
            {
              "name": "RHSA-2024:8906",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8906"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-8553"
            },
            {
              "name": "RHBZ#2312524",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312524"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-09-16T07:20:13.067Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-10-31T14:29:39.030Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: read-only access to entire db from templates",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-8553",
        "datePublished": "2024-10-31T15:01:16.401Z",
        "dateReserved": "2024-09-06T20:25:15.408Z",
        "dateUpdated": "2025-11-11T16:10:06.757Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7923 (GCVE-0-2024-7923)

    Vulnerability from nvd – Published: 2024-09-04 13:41 – Updated: 2025-11-11 16:12
    VLAI
    Title
    Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore
    Summary
    An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) which are using Pulpcore version 3.0+ and could potentially enable unauthorized users to gain administrative access.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:6335 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6336 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6337 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8906 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-7923 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2305718 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Affected: 0 , < 22.0 (custom)
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 1:3.5.2.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_capsule:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 1:3.7.0.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 1:3.9.3.4-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.15::el8
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 1:3.12.0.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 1:3.12.0.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Update Infrastructure 4 for Cloud Providers     cpe:/a:redhat:rhui:4::el8
    Create a notification for this product.
    Date Public
    2024-09-04 13:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7923",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-18T15:28:06.080066Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-18T15:29:14.242Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/puppet-pulpcore",
              "defaultStatus": "unaffected",
              "packageName": "pulpcore",
              "versions": [
                {
                  "lessThan": "22.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhui:4::el8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "pulpcore-selinux",
              "product": "Red Hat Update Infrastructure 4 for Cloud Providers",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhui:4::el8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "python-pulpcore",
              "product": "Red Hat Update Infrastructure 4 for Cloud Providers",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhui:4::el8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "python-pulpcore-client",
              "product": "Red Hat Update Infrastructure 4 for Cloud Providers",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2024-09-04T13:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache\u0027s mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) which are using Pulpcore version 3.0+ and could potentially enable unauthorized users to gain administrative access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Critical"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T16:12:18.584Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:6335",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6335"
            },
            {
              "name": "RHSA-2024:6336",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6336"
            },
            {
              "name": "RHSA-2024:6337",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6337"
            },
            {
              "name": "RHSA-2024:8906",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8906"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-7923"
            },
            {
              "name": "RHBZ#2305718",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305718"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-08-19T12:36:58.759Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-09-04T13:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-287: Improper Authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-7923",
        "datePublished": "2024-09-04T13:41:48.872Z",
        "dateReserved": "2024-08-19T12:40:08.047Z",
        "dateUpdated": "2025-11-11T16:12:18.584Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7012 (GCVE-0-2024-7012)

    Vulnerability from nvd – Published: 2024-09-04 13:41 – Updated: 2025-11-11 15:29
    VLAI
    Title
    Puppet-foreman: an authentication bypass vulnerability exists in foreman
    Summary
    An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) and could potentially enable unauthorized users to gain administrative access.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:6335 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6336 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6337 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8906 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-7012 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2299429 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Affected: 0 , < 22.0 (semver)
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 1:3.5.2.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_capsule:6.13::el8
        cpe:/a:redhat:satellite_utils:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 1:3.7.0.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 1:3.9.3.4-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 1:3.12.0.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 1:3.12.0.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
    Create a notification for this product.
    Date Public
    2024-09-04 13:14
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7012",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-23T17:16:24.550968Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-23T17:16:34.903Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/puppet-foreman",
              "defaultStatus": "unaffected",
              "packageName": "puppet-foreman",
              "versions": [
                {
                  "lessThan": "22.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-09-04T13:14:02.531Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache\u0027s mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) and could potentially enable unauthorized users to gain administrative access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Critical"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T15:29:25.711Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:6335",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6335"
            },
            {
              "name": "RHSA-2024:6336",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6336"
            },
            {
              "name": "RHSA-2024:6337",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6337"
            },
            {
              "name": "RHSA-2024:8906",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8906"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-7012"
            },
            {
              "name": "RHBZ#2299429",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299429"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-23T04:51:12.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-09-04T13:14:02.531Z",
              "value": "Made public."
            }
          ],
          "title": "Puppet-foreman: an authentication bypass vulnerability exists in foreman",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-287: Improper Authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-7012",
        "datePublished": "2024-09-04T13:41:17.877Z",
        "dateReserved": "2024-07-23T05:02:30.865Z",
        "dateUpdated": "2025-11-11T15:29:25.711Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-5189 (GCVE-0-2023-5189)

    Vulnerability from nvd – Published: 2023-11-14 22:57 – Updated: 2025-11-20 17:30
    VLAI
    Title
    Hub: insecure galaxy-importer tarfile extraction
    Summary
    A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2023:7773 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1536 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2010 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-5189 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2234387 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 8 Unaffected: 0:0.4.18-1.el8ap , < * (rpm)
        cpe:/a:redhat:ansible_automation_platform:2.4::el8
        cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
        cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
        cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
        cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
        cpe:/a:redhat:ansible_automation_platform:2.4::el9
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 9 Unaffected: 0:0.4.18-1.el9ap , < * (rpm)
        cpe:/a:redhat:ansible_automation_platform:2.4::el8
        cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
        cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
        cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
        cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
        cpe:/a:redhat:ansible_automation_platform:2.4::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 0:0.4.18-2.el8pc , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 0:0.4.19-2.el8pc , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_maintenance:6.15::el8
    Create a notification for this product.
    Date Public
    2023-09-26 05:28
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:52:08.227Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2023:7773",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:7773"
              },
              {
                "name": "RHSA-2024:1536",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1536"
              },
              {
                "name": "RHSA-2024:2010",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2010"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-5189"
              },
              {
                "name": "RHBZ#2234387",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234387"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5189",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-29T14:15:00.429640Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-29T14:16:10.546Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
                "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
                "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
                "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
                "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
                "cpe:/a:redhat:ansible_automation_platform:2.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python3x-galaxy-importer",
              "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.18-1.el8ap",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
                "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
                "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
                "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
                "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
                "cpe:/a:redhat:ansible_automation_platform:2.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-galaxy-importer",
              "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.18-1.el9ap",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "python-galaxy-importer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.18-2.el8pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "python-galaxy-importer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.18-2.el8pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_maintenance:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "python-galaxy-importer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.19-2.el8pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_maintenance:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "python-galaxy-importer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.19-2.el8pc",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2023-09-26T05:28:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "Relative Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T17:30:17.896Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2023:7773",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:7773"
            },
            {
              "name": "RHSA-2024:1536",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1536"
            },
            {
              "name": "RHSA-2024:2010",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2010"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-5189"
            },
            {
              "name": "RHBZ#2234387",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234387"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-08-23T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-09-26T05:28:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Hub: insecure galaxy-importer tarfile extraction",
          "x_redhatCweChain": "CWE-23: Relative Path Traversal"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-5189",
        "datePublished": "2023-11-14T22:57:00.584Z",
        "dateReserved": "2023-09-26T05:27:24.004Z",
        "dateUpdated": "2025-11-20T17:30:17.896Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-4886 (GCVE-0-2023-4886)

    Vulnerability from nvd – Published: 2023-10-03 14:24 – Updated: 2026-02-25 18:32
    VLAI
    Title
    Foreman: world readable file containing secrets
    Summary
    A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2023:7851 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1061 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-4886 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2230135 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 0:3.5.1.24-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.13::el8
        cpe:/a:redhat:satellite_maintenance:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_capsule:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 0:3.7.0.10-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
        cpe:/a:redhat:satellite:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 1:3.7.0.5-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
        cpe:/a:redhat:satellite:6.14::el8
    Create a notification for this product.
    Date Public
    2023-10-03 14:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:38:00.875Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2023:7851",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:7851"
              },
              {
                "name": "RHSA-2024:1061",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1061"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-4886"
              },
              {
                "name": "RHBZ#2230135",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4886",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-03T14:56:17.785028Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-03T14:56:31.425Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite_maintenance:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.1.24-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.10-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.5-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2023-10-03T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat\u0027s server.xml file, which contain passwords to candlepin\u0027s keystore and truststore, were found to be world readable."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-25T18:32:04.057Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2023:7851",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:7851"
            },
            {
              "name": "RHSA-2024:1061",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1061"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-4886"
            },
            {
              "name": "RHBZ#2230135",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-08-08T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-10-03T14:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: world readable file containing secrets",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-4886",
        "datePublished": "2023-10-03T14:24:56.342Z",
        "dateReserved": "2023-09-11T09:51:13.928Z",
        "dateUpdated": "2026-02-25T18:32:04.057Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-0118 (GCVE-0-2023-0118)

    Vulnerability from nvd – Published: 2023-09-20 13:39 – Updated: 2024-09-17 13:51
    VLAI
    Title
    Foreman: arbitrary code execution through templates
    Summary
    An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2023:4466 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5979 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5980 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:6818 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-0118 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2159291 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.11 for RHEL 7 Unaffected: 0:3.1.1.27-1.el7sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.11::el8
        cpe:/a:redhat:satellite_capsule:6.11::el7
        cpe:/a:redhat:satellite_utils:6.11::el8
        cpe:/a:redhat:satellite:6.11::el7
        cpe:/a:redhat:satellite_utils:6.11::el7
        cpe:/a:redhat:satellite:6.11::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.11 for RHEL 8 Unaffected: 0:3.1.1.27-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.11::el8
        cpe:/a:redhat:satellite_capsule:6.11::el7
        cpe:/a:redhat:satellite_utils:6.11::el8
        cpe:/a:redhat:satellite:6.11::el7
        cpe:/a:redhat:satellite_utils:6.11::el7
        cpe:/a:redhat:satellite:6.11::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.12 for RHEL 8 Unaffected: 0:1.3.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.12::el8
        cpe:/a:redhat:satellite_capsule:6.12::el8
        cpe:/a:redhat:satellite_utils:6.12::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 0:1.3.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.13::el8
        cpe:/a:redhat:satellite_utils:6.13::el8
        cpe:/a:redhat:satellite_maintenance:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 0:3.7.0.9-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
    Create a notification for this product.
    Date Public
    2023-03-12 00:00
    Credits
    Red Hat would like to thank Andrew Danau (Onsec.io) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:02:43.821Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2023:4466",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:4466"
              },
              {
                "name": "RHSA-2023:5979",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5979"
              },
              {
                "name": "RHSA-2023:5980",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5980"
              },
              {
                "name": "RHSA-2023:6818",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:6818"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-0118"
              },
              {
                "name": "RHBZ#2159291",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159291"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0118",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-07T18:09:30.819280Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-17T13:51:28.373Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/foreman",
              "defaultStatus": "affected",
              "packageName": "foreman"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.11::el8",
                "cpe:/a:redhat:satellite_capsule:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el8",
                "cpe:/a:redhat:satellite:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el7",
                "cpe:/a:redhat:satellite:6.11::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.11 for RHEL 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.1.1.27-1.el7sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.11::el8",
                "cpe:/a:redhat:satellite_capsule:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el8",
                "cpe:/a:redhat:satellite:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el7",
                "cpe:/a:redhat:satellite:6.11::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.11 for RHEL 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.1.1.27-1.el7sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.11::el8",
                "cpe:/a:redhat:satellite_capsule:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el8",
                "cpe:/a:redhat:satellite:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el7",
                "cpe:/a:redhat:satellite:6.11::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.11 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.1.1.27-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.11::el8",
                "cpe:/a:redhat:satellite_capsule:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el8",
                "cpe:/a:redhat:satellite:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el7",
                "cpe:/a:redhat:satellite:6.11::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.11 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.1.1.27-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.12::el8",
                "cpe:/a:redhat:satellite_capsule:6.12::el8",
                "cpe:/a:redhat:satellite_utils:6.12::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-safemode",
              "product": "Red Hat Satellite 6.12 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite_maintenance:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-safemode",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.9-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.9-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Andrew Danau (Onsec.io) for reporting this issue."
            }
          ],
          "datePublic": "2023-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T15:32:29.709Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2023:4466",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:4466"
            },
            {
              "name": "RHSA-2023:5979",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5979"
            },
            {
              "name": "RHSA-2023:5980",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5980"
            },
            {
              "name": "RHSA-2023:6818",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:6818"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-0118"
            },
            {
              "name": "RHBZ#2159291",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159291"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2022-12-12T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-03-12T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: arbitrary code execution through templates",
          "x_redhatCweChain": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-0118",
        "datePublished": "2023-09-20T13:39:27.756Z",
        "dateReserved": "2023-01-09T13:21:05.016Z",
        "dateUpdated": "2024-09-17T13:51:28.373Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-0119 (GCVE-0-2023-0119)

    Vulnerability from nvd – Published: 2023-09-12 15:14 – Updated: 2024-08-02 05:02
    VLAI
    Title
    Foreman: stored cross-site scripting in host tab
    Summary
    A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, and obtain user credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Unaffected: 3.4.2
    Unaffected: 3.5.1.16
    Unaffected: 3.5.2
    Unaffected: 3.6.0
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 0:3.5.1.17-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.13::el8
        cpe:/a:redhat:satellite_utils:6.13::el8
        cpe:/a:redhat:satellite_maintenance:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 0:3.7.0.9-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
    Create a notification for this product.
    Date Public
    2023-03-12 00:00
    Credits
    Red Hat would like to thank Dinko Dimitrov (Onsec.io) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0119",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-11T19:42:07.019021Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-11T19:42:12.486Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:02:43.579Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2023:3387",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:3387"
              },
              {
                "name": "RHSA-2023:6818",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:6818"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-0119"
              },
              {
                "name": "RHBZ#2159104",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159104"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://projects.theforeman.org/issues/35977"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/foreman",
              "packageName": "foreman",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "3.4.2"
                },
                {
                  "status": "unaffected",
                  "version": "3.5.1.16"
                },
                {
                  "status": "unaffected",
                  "version": "3.5.2"
                },
                {
                  "status": "unaffected",
                  "version": "3.6.0"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite_maintenance:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.1.17-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite_maintenance:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.1.17-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.9-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.9-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Dinko Dimitrov (Onsec.io) for reporting this issue."
            }
          ],
          "datePublic": "2023-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user\u0027s session, make requests on behalf of the user, and obtain user credentials."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T15:32:30.715Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2023:3387",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:3387"
            },
            {
              "name": "RHSA-2023:6818",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:6818"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-0119"
            },
            {
              "name": "RHBZ#2159104",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159104"
            },
            {
              "url": "https://projects.theforeman.org/issues/35977"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2022-12-16T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-03-12T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: stored cross-site scripting in host tab",
          "x_redhatCweChain": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-0119",
        "datePublished": "2023-09-12T15:14:29.533Z",
        "dateReserved": "2023-01-09T13:23:29.547Z",
        "dateUpdated": "2024-08-02T05:02:43.579Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8553 (GCVE-0-2024-8553)

    Vulnerability from cvelistv5 – Published: 2024-10-31 15:01 – Updated: 2025-11-11 16:10
    VLAI
    Title
    Foreman: read-only access to entire db from templates
    Summary
    A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman's database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:8717 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8718 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8719 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8906 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-8553 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2312524 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 0:3.5.1.25-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.13::el8
        cpe:/a:redhat:satellite_maintenance:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_utils:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 0:3.7.0.14-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 0:3.9.1.11-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 0:3.12.0.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 0:3.12.0.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
    Create a notification for this product.
    Date Public
    2024-10-31 14:29
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8553",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-31T15:52:21.343746Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-31T15:52:36.245Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/foreman",
              "defaultStatus": "affected",
              "packageName": "foreman"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_maintenance:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.1.25-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.14-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.9.1.11-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-10-31T14:29:39.030Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Foreman\u0027s loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman\u0027s database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T16:10:06.757Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:8717",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8717"
            },
            {
              "name": "RHSA-2024:8718",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8718"
            },
            {
              "name": "RHSA-2024:8719",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8719"
            },
            {
              "name": "RHSA-2024:8906",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8906"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-8553"
            },
            {
              "name": "RHBZ#2312524",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312524"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-09-16T07:20:13.067Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-10-31T14:29:39.030Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: read-only access to entire db from templates",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-8553",
        "datePublished": "2024-10-31T15:01:16.401Z",
        "dateReserved": "2024-09-06T20:25:15.408Z",
        "dateUpdated": "2025-11-11T16:10:06.757Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7923 (GCVE-0-2024-7923)

    Vulnerability from cvelistv5 – Published: 2024-09-04 13:41 – Updated: 2025-11-11 16:12
    VLAI
    Title
    Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore
    Summary
    An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) which are using Pulpcore version 3.0+ and could potentially enable unauthorized users to gain administrative access.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:6335 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6336 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6337 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8906 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-7923 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2305718 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Affected: 0 , < 22.0 (custom)
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 1:3.5.2.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_capsule:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 1:3.7.0.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 1:3.9.3.4-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.15::el8
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 1:3.12.0.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 1:3.12.0.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Update Infrastructure 4 for Cloud Providers     cpe:/a:redhat:rhui:4::el8
    Create a notification for this product.
    Date Public
    2024-09-04 13:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7923",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-18T15:28:06.080066Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-18T15:29:14.242Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/puppet-pulpcore",
              "defaultStatus": "unaffected",
              "packageName": "pulpcore",
              "versions": [
                {
                  "lessThan": "22.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_capsule:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhui:4::el8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "pulpcore-selinux",
              "product": "Red Hat Update Infrastructure 4 for Cloud Providers",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhui:4::el8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "python-pulpcore",
              "product": "Red Hat Update Infrastructure 4 for Cloud Providers",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhui:4::el8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "python-pulpcore-client",
              "product": "Red Hat Update Infrastructure 4 for Cloud Providers",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2024-09-04T13:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache\u0027s mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) which are using Pulpcore version 3.0+ and could potentially enable unauthorized users to gain administrative access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Critical"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T16:12:18.584Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:6335",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6335"
            },
            {
              "name": "RHSA-2024:6336",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6336"
            },
            {
              "name": "RHSA-2024:6337",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6337"
            },
            {
              "name": "RHSA-2024:8906",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8906"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-7923"
            },
            {
              "name": "RHBZ#2305718",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305718"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-08-19T12:36:58.759Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-09-04T13:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-287: Improper Authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-7923",
        "datePublished": "2024-09-04T13:41:48.872Z",
        "dateReserved": "2024-08-19T12:40:08.047Z",
        "dateUpdated": "2025-11-11T16:12:18.584Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7012 (GCVE-0-2024-7012)

    Vulnerability from cvelistv5 – Published: 2024-09-04 13:41 – Updated: 2025-11-11 15:29
    VLAI
    Title
    Puppet-foreman: an authentication bypass vulnerability exists in foreman
    Summary
    An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) and could potentially enable unauthorized users to gain administrative access.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:6335 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6336 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:6337 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:8906 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-7012 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2299429 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Affected: 0 , < 22.0 (semver)
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 1:3.5.2.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_capsule:6.13::el8
        cpe:/a:redhat:satellite_utils:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 1:3.7.0.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 1:3.9.3.4-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_utils:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8 Unaffected: 1:3.12.0.1-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9 Unaffected: 1:3.12.0.1-1.el9sat , < * (rpm)
        cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
        cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el9
    Create a notification for this product.
    Date Public
    2024-09-04 13:14
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7012",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-23T17:16:24.550968Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-23T17:16:34.903Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/puppet-foreman",
              "defaultStatus": "unaffected",
              "packageName": "puppet-foreman",
              "versions": [
                {
                  "lessThan": "22.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.5.2.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.9.3.4-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                "cpe:/a:redhat:satellite_utils:6.16::el9",
                "cpe:/a:redhat:satellite:6.16::el8",
                "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el8",
                "cpe:/a:redhat:satellite_capsule:6.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.16 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.12.0.1-1.el9sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-09-04T13:14:02.531Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache\u0027s mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) and could potentially enable unauthorized users to gain administrative access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Critical"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T15:29:25.711Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:6335",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6335"
            },
            {
              "name": "RHSA-2024:6336",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6336"
            },
            {
              "name": "RHSA-2024:6337",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:6337"
            },
            {
              "name": "RHSA-2024:8906",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:8906"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-7012"
            },
            {
              "name": "RHBZ#2299429",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299429"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-23T04:51:12.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-09-04T13:14:02.531Z",
              "value": "Made public."
            }
          ],
          "title": "Puppet-foreman: an authentication bypass vulnerability exists in foreman",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-287: Improper Authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-7012",
        "datePublished": "2024-09-04T13:41:17.877Z",
        "dateReserved": "2024-07-23T05:02:30.865Z",
        "dateUpdated": "2025-11-11T15:29:25.711Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-5189 (GCVE-0-2023-5189)

    Vulnerability from cvelistv5 – Published: 2023-11-14 22:57 – Updated: 2025-11-20 17:30
    VLAI
    Title
    Hub: insecure galaxy-importer tarfile extraction
    Summary
    A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2023:7773 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1536 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2010 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-5189 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2234387 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 8 Unaffected: 0:0.4.18-1.el8ap , < * (rpm)
        cpe:/a:redhat:ansible_automation_platform:2.4::el8
        cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
        cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
        cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
        cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
        cpe:/a:redhat:ansible_automation_platform:2.4::el9
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 9 Unaffected: 0:0.4.18-1.el9ap , < * (rpm)
        cpe:/a:redhat:ansible_automation_platform:2.4::el8
        cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
        cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
        cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
        cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
        cpe:/a:redhat:ansible_automation_platform:2.4::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 0:0.4.18-2.el8pc , < * (rpm)
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.15 for RHEL 8 Unaffected: 0:0.4.19-2.el8pc , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.15::el8
        cpe:/a:redhat:satellite_capsule:6.15::el8
        cpe:/a:redhat:satellite:6.15::el8
        cpe:/a:redhat:satellite_maintenance:6.15::el8
    Create a notification for this product.
    Date Public
    2023-09-26 05:28
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:52:08.227Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2023:7773",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:7773"
              },
              {
                "name": "RHSA-2024:1536",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1536"
              },
              {
                "name": "RHSA-2024:2010",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2010"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-5189"
              },
              {
                "name": "RHBZ#2234387",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234387"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5189",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-29T14:15:00.429640Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-29T14:16:10.546Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
                "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
                "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
                "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
                "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
                "cpe:/a:redhat:ansible_automation_platform:2.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python3x-galaxy-importer",
              "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.18-1.el8ap",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
                "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
                "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
                "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
                "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
                "cpe:/a:redhat:ansible_automation_platform:2.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "python-galaxy-importer",
              "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.18-1.el9ap",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "python-galaxy-importer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.18-2.el8pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "python-galaxy-importer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.18-2.el8pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_maintenance:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "python-galaxy-importer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.19-2.el8pc",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.15::el8",
                "cpe:/a:redhat:satellite_capsule:6.15::el8",
                "cpe:/a:redhat:satellite:6.15::el8",
                "cpe:/a:redhat:satellite_maintenance:6.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "python-galaxy-importer",
              "product": "Red Hat Satellite 6.15 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:0.4.19-2.el8pc",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2023-09-26T05:28:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "Relative Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T17:30:17.896Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2023:7773",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:7773"
            },
            {
              "name": "RHSA-2024:1536",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1536"
            },
            {
              "name": "RHSA-2024:2010",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2010"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-5189"
            },
            {
              "name": "RHBZ#2234387",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234387"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-08-23T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-09-26T05:28:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Hub: insecure galaxy-importer tarfile extraction",
          "x_redhatCweChain": "CWE-23: Relative Path Traversal"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-5189",
        "datePublished": "2023-11-14T22:57:00.584Z",
        "dateReserved": "2023-09-26T05:27:24.004Z",
        "dateUpdated": "2025-11-20T17:30:17.896Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-4886 (GCVE-0-2023-4886)

    Vulnerability from cvelistv5 – Published: 2023-10-03 14:24 – Updated: 2026-02-25 18:32
    VLAI
    Title
    Foreman: world readable file containing secrets
    Summary
    A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2023:7851 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1061 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-4886 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2230135 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 0:3.5.1.24-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.13::el8
        cpe:/a:redhat:satellite_maintenance:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
        cpe:/a:redhat:satellite_capsule:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 0:3.7.0.10-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
        cpe:/a:redhat:satellite:6.14::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 1:3.7.0.5-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
        cpe:/a:redhat:satellite:6.14::el8
    Create a notification for this product.
    Date Public
    2023-10-03 14:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:38:00.875Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2023:7851",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:7851"
              },
              {
                "name": "RHSA-2024:1061",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1061"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-4886"
              },
              {
                "name": "RHBZ#2230135",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4886",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-03T14:56:17.785028Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-03T14:56:31.425Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite_maintenance:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8",
                "cpe:/a:redhat:satellite_capsule:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.1.24-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.10-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8",
                "cpe:/a:redhat:satellite:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman-installer",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1:3.7.0.5-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2023-10-03T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat\u0027s server.xml file, which contain passwords to candlepin\u0027s keystore and truststore, were found to be world readable."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-25T18:32:04.057Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2023:7851",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:7851"
            },
            {
              "name": "RHSA-2024:1061",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1061"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-4886"
            },
            {
              "name": "RHBZ#2230135",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-08-08T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-10-03T14:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: world readable file containing secrets",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-4886",
        "datePublished": "2023-10-03T14:24:56.342Z",
        "dateReserved": "2023-09-11T09:51:13.928Z",
        "dateUpdated": "2026-02-25T18:32:04.057Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-0118 (GCVE-0-2023-0118)

    Vulnerability from cvelistv5 – Published: 2023-09-20 13:39 – Updated: 2024-09-17 13:51
    VLAI
    Title
    Foreman: arbitrary code execution through templates
    Summary
    An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2023:4466 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5979 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5980 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:6818 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-0118 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2159291 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Satellite 6.11 for RHEL 7 Unaffected: 0:3.1.1.27-1.el7sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.11::el8
        cpe:/a:redhat:satellite_capsule:6.11::el7
        cpe:/a:redhat:satellite_utils:6.11::el8
        cpe:/a:redhat:satellite:6.11::el7
        cpe:/a:redhat:satellite_utils:6.11::el7
        cpe:/a:redhat:satellite:6.11::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.11 for RHEL 8 Unaffected: 0:3.1.1.27-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.11::el8
        cpe:/a:redhat:satellite_capsule:6.11::el7
        cpe:/a:redhat:satellite_utils:6.11::el8
        cpe:/a:redhat:satellite:6.11::el7
        cpe:/a:redhat:satellite_utils:6.11::el7
        cpe:/a:redhat:satellite:6.11::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.12 for RHEL 8 Unaffected: 0:1.3.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite:6.12::el8
        cpe:/a:redhat:satellite_capsule:6.12::el8
        cpe:/a:redhat:satellite_utils:6.12::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 0:1.3.8-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.13::el8
        cpe:/a:redhat:satellite_utils:6.13::el8
        cpe:/a:redhat:satellite_maintenance:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 0:3.7.0.9-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
    Create a notification for this product.
    Date Public
    2023-03-12 00:00
    Credits
    Red Hat would like to thank Andrew Danau (Onsec.io) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:02:43.821Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2023:4466",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:4466"
              },
              {
                "name": "RHSA-2023:5979",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5979"
              },
              {
                "name": "RHSA-2023:5980",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5980"
              },
              {
                "name": "RHSA-2023:6818",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:6818"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-0118"
              },
              {
                "name": "RHBZ#2159291",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159291"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0118",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-07T18:09:30.819280Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-17T13:51:28.373Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/foreman",
              "defaultStatus": "affected",
              "packageName": "foreman"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.11::el8",
                "cpe:/a:redhat:satellite_capsule:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el8",
                "cpe:/a:redhat:satellite:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el7",
                "cpe:/a:redhat:satellite:6.11::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.11 for RHEL 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.1.1.27-1.el7sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.11::el8",
                "cpe:/a:redhat:satellite_capsule:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el8",
                "cpe:/a:redhat:satellite:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el7",
                "cpe:/a:redhat:satellite:6.11::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.11 for RHEL 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.1.1.27-1.el7sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.11::el8",
                "cpe:/a:redhat:satellite_capsule:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el8",
                "cpe:/a:redhat:satellite:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el7",
                "cpe:/a:redhat:satellite:6.11::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.11 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.1.1.27-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.11::el8",
                "cpe:/a:redhat:satellite_capsule:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el8",
                "cpe:/a:redhat:satellite:6.11::el7",
                "cpe:/a:redhat:satellite_utils:6.11::el7",
                "cpe:/a:redhat:satellite:6.11::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.11 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.1.1.27-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6.12::el8",
                "cpe:/a:redhat:satellite_capsule:6.12::el8",
                "cpe:/a:redhat:satellite_utils:6.12::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-safemode",
              "product": "Red Hat Satellite 6.12 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite_maintenance:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rubygem-safemode",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.8-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.9-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.9-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Andrew Danau (Onsec.io) for reporting this issue."
            }
          ],
          "datePublic": "2023-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T15:32:29.709Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2023:4466",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:4466"
            },
            {
              "name": "RHSA-2023:5979",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5979"
            },
            {
              "name": "RHSA-2023:5980",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5980"
            },
            {
              "name": "RHSA-2023:6818",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:6818"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-0118"
            },
            {
              "name": "RHBZ#2159291",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159291"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2022-12-12T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-03-12T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: arbitrary code execution through templates",
          "x_redhatCweChain": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-0118",
        "datePublished": "2023-09-20T13:39:27.756Z",
        "dateReserved": "2023-01-09T13:21:05.016Z",
        "dateUpdated": "2024-09-17T13:51:28.373Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-0119 (GCVE-0-2023-0119)

    Vulnerability from cvelistv5 – Published: 2023-09-12 15:14 – Updated: 2024-08-02 05:02
    VLAI
    Title
    Foreman: stored cross-site scripting in host tab
    Summary
    A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, and obtain user credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Unaffected: 3.4.2
    Unaffected: 3.5.1.16
    Unaffected: 3.5.2
    Unaffected: 3.6.0
    Red Hat Red Hat Satellite 6.13 for RHEL 8 Unaffected: 0:3.5.1.17-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_capsule:6.13::el8
        cpe:/a:redhat:satellite_utils:6.13::el8
        cpe:/a:redhat:satellite_maintenance:6.13::el8
        cpe:/a:redhat:satellite:6.13::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.14 for RHEL 8 Unaffected: 0:3.7.0.9-1.el8sat , < * (rpm)
        cpe:/a:redhat:satellite_maintenance:6.14::el8
        cpe:/a:redhat:satellite_utils:6.14::el8
        cpe:/a:redhat:satellite:6.14::el8
        cpe:/a:redhat:satellite_capsule:6.14::el8
    Create a notification for this product.
    Date Public
    2023-03-12 00:00
    Credits
    Red Hat would like to thank Dinko Dimitrov (Onsec.io) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0119",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-11T19:42:07.019021Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-11T19:42:12.486Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:02:43.579Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2023:3387",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:3387"
              },
              {
                "name": "RHSA-2023:6818",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:6818"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-0119"
              },
              {
                "name": "RHBZ#2159104",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159104"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://projects.theforeman.org/issues/35977"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/theforeman/foreman",
              "packageName": "foreman",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "3.4.2"
                },
                {
                  "status": "unaffected",
                  "version": "3.5.1.16"
                },
                {
                  "status": "unaffected",
                  "version": "3.5.2"
                },
                {
                  "status": "unaffected",
                  "version": "3.6.0"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite_maintenance:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.1.17-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_capsule:6.13::el8",
                "cpe:/a:redhat:satellite_utils:6.13::el8",
                "cpe:/a:redhat:satellite_maintenance:6.13::el8",
                "cpe:/a:redhat:satellite:6.13::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.13 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.1.17-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.9-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite_maintenance:6.14::el8",
                "cpe:/a:redhat:satellite_utils:6.14::el8",
                "cpe:/a:redhat:satellite:6.14::el8",
                "cpe:/a:redhat:satellite_capsule:6.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "foreman",
              "product": "Red Hat Satellite 6.14 for RHEL 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.0.9-1.el8sat",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Dinko Dimitrov (Onsec.io) for reporting this issue."
            }
          ],
          "datePublic": "2023-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user\u0027s session, make requests on behalf of the user, and obtain user credentials."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T15:32:30.715Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2023:3387",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:3387"
            },
            {
              "name": "RHSA-2023:6818",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:6818"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-0119"
            },
            {
              "name": "RHBZ#2159104",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159104"
            },
            {
              "url": "https://projects.theforeman.org/issues/35977"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2022-12-16T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-03-12T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Foreman: stored cross-site scripting in host tab",
          "x_redhatCweChain": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-0119",
        "datePublished": "2023-09-12T15:14:29.533Z",
        "dateReserved": "2023-01-09T13:23:29.547Z",
        "dateUpdated": "2024-08-02T05:02:43.579Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }