9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.035 Low
EPSS
Percentile
91.6%
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0336 advisory.
Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.
This update provides Satellite 6.3 packages for Red Hat Enterprise Linux 7 Satellite server. For the full list of new features provided by Satellite 6.3, see the Release Notes linked to in the references section.
See the Satellite 6 Installation Guide for detailed instructions on how to install a new Satellite 6.3 environment, or the Satellite 6 Upgrading and Updating guide for detailed instructions on how to upgrade from prior versions of Satellite 6.
All users who require Satellite version 6.3 are advised to install these new packages.
Security Fix(es):
* V8: integer overflow leading to buffer overflow in Zone::New (CVE-2016-1669)
* rubygem-will_paginate: XSS vulnerabilities (CVE-2013-6459)
* foreman: models with a 'belongs_to' association to an Organization do not verify association belongs to that Organization (CVE-2014-8183)
* foreman: inspect in a provisioning template exposes sensitive controller information (CVE-2016-3693)
* pulp: Unsafe use of bash $RANDOM for NSS DB password and seed (CVE-2016-3704)
* foreman: privilege escalation through Organization and Locations API (CVE-2016-4451)
* foreman: inside discovery-debug, the root password is displayed in plaintext (CVE-2016-4996)
* foreman: Persistent XSS in Foreman remote execution plugin (CVE-2016-6319)
* foreman: Stored XSS via organization/location with HTML in name (CVE-2016-8639)
* katello-debug: Possible symlink attacks due to use of predictable file names (CVE-2016-9595)
* rubygem-hammer_cli: no verification of API server's SSL certificate (CVE-2017-2667)
* foreman: Image password leak (CVE-2017-2672)
* pulp: Leakage of CA key in pulp-qpid-ssl-cfg (CVE-2016-3696)
* foreman: Information disclosure in provisioning template previews (CVE-2016-4995)
* foreman-debug: missing obfuscation of sensitive information (CVE-2016-9593)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Randy Barlow (RedHat) for reporting CVE-2016-3704 and Sander Bos for reporting CVE-2016-3696. The CVE-2014-8183 issue was discovered by Eric Helms (Red Hat); the CVE-2016-3693 and CVE-2016-4995 issues were discovered by Dominic Cleal (Red Hat); the CVE-2016-4451 and CVE-2016-6319 issues were discovered by Marek Huln (Red Hat); the CVE-2016-4996 issue was discovered by Thom Carlin (Red Hat); the CVE-2016-8639 issue was discovered by Sanket Jagtap (Red Hat); the CVE-2016-9595 issue was discovered by Evgeni Golov (Red Hat); the CVE-2017-2667 issue was discovered by Tomas Strachota (Red Hat);
and the CVE-2016-9593 issue was discovered by Pavel Moravec (Red Hat).
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2018:0336. The text
# itself is copyright (C) Red Hat, Inc.
#
include('compat.inc');
if (description)
{
script_id(107053);
script_version("3.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/03");
script_cve_id(
"CVE-2013-6459",
"CVE-2014-8183",
"CVE-2016-1669",
"CVE-2016-3693",
"CVE-2016-3696",
"CVE-2016-3704",
"CVE-2016-4451",
"CVE-2016-4995",
"CVE-2016-4996",
"CVE-2016-6319",
"CVE-2016-7077",
"CVE-2016-7078",
"CVE-2016-8613",
"CVE-2016-8634",
"CVE-2016-8639",
"CVE-2016-9593",
"CVE-2016-9595",
"CVE-2017-15699",
"CVE-2017-2295",
"CVE-2017-2667",
"CVE-2017-2672",
"CVE-2018-14623"
);
script_xref(name:"RHSA", value:"2018:0336");
script_name(english:"RHEL 7 : Satellite 6.3 (RHSA-2018:0336)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2018:0336 advisory.
Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning,
remote management, and monitoring of multiple Linux deployments with a single centralized tool.
This update provides Satellite 6.3 packages for Red Hat Enterprise Linux 7 Satellite server. For the full
list of new features provided by Satellite 6.3, see the Release Notes linked to in the references section.
See the Satellite 6 Installation Guide for detailed instructions on how to install a new Satellite 6.3
environment, or the Satellite 6 Upgrading and Updating guide for detailed instructions on how to upgrade
from prior versions of Satellite 6.
All users who require Satellite version 6.3 are advised to install these new packages.
Security Fix(es):
* V8: integer overflow leading to buffer overflow in Zone::New (CVE-2016-1669)
* rubygem-will_paginate: XSS vulnerabilities (CVE-2013-6459)
* foreman: models with a 'belongs_to' association to an Organization do not verify association belongs to
that Organization (CVE-2014-8183)
* foreman: inspect in a provisioning template exposes sensitive controller information (CVE-2016-3693)
* pulp: Unsafe use of bash $RANDOM for NSS DB password and seed (CVE-2016-3704)
* foreman: privilege escalation through Organization and Locations API (CVE-2016-4451)
* foreman: inside discovery-debug, the root password is displayed in plaintext (CVE-2016-4996)
* foreman: Persistent XSS in Foreman remote execution plugin (CVE-2016-6319)
* foreman: Stored XSS via organization/location with HTML in name (CVE-2016-8639)
* katello-debug: Possible symlink attacks due to use of predictable file names (CVE-2016-9595)
* rubygem-hammer_cli: no verification of API server's SSL certificate (CVE-2017-2667)
* foreman: Image password leak (CVE-2017-2672)
* pulp: Leakage of CA key in pulp-qpid-ssl-cfg (CVE-2016-3696)
* foreman: Information disclosure in provisioning template previews (CVE-2016-4995)
* foreman-debug: missing obfuscation of sensitive information (CVE-2016-9593)
For more details about the security issue(s), including the impact, a CVSS score, and other related
information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Randy Barlow (RedHat) for reporting CVE-2016-3704 and Sander Bos for reporting
CVE-2016-3696. The CVE-2014-8183 issue was discovered by Eric Helms (Red Hat); the CVE-2016-3693 and
CVE-2016-4995 issues were discovered by Dominic Cleal (Red Hat); the CVE-2016-4451 and CVE-2016-6319
issues were discovered by Marek Huln (Red Hat); the CVE-2016-4996 issue was discovered by Thom Carlin
(Red Hat); the CVE-2016-8639 issue was discovered by Sanket Jagtap (Red Hat); the CVE-2016-9595 issue was
discovered by Evgeni Golov (Red Hat); the CVE-2017-2667 issue was discovered by Tomas Strachota (Red Hat);
and the CVE-2016-9593 issue was discovered by Pavel Moravec (Red Hat).
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://access.redhat.com/documentation/en-us/red_hat_satellite/6.3/html/release_notes/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?809d0a34");
# https://access.redhat.com/security/data/csaf/v2/advisories/2018/rhsa-2018_0336.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?eab6a4df");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:0336");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1019214");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1046642");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1132402");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1133515");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1140671");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1144042");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1145653");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1154382");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1177766");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1187338");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1190002");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1199204");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1210878");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1215825");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1217523");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1245642");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1255484");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1257588");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1260697");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1263748");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1264043");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1264732");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1265125");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1270771");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1274159");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1278642");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1278644");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1284686");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1291935");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1292510");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1293538");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1303103");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1304608");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1305059");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1306723");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1309569");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1309944");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1313634");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1317614");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1318534");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1323436");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1324508");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1327030");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1327471");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1328238");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1328930");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1330264");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1335449");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1336924");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1339715");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1339889");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1340559");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1342623");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1344049");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1348939");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1349136");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1361473");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1365815");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1366029");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1370168");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1376134");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1376191");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1382356");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1382735");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1384146");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1384548");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1386266");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1386278");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1390545");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1391831");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1393291");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1393409");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1394056");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1402922");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1406384");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1406729");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1410872");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1412186");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1413851");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1416119");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1417073");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1420711");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1422458");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1425121");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1425523");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1426404");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1426411");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1426448");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1428761");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1429426");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1434069");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1435972");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1436262");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1438376");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1439537");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1439850");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1445807");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1446707");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1446719");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1452124");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1455057");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1455455");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1458817");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1464224");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1468248");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1480346");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1480348");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1480886");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1493001");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1493494");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1517827");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1529099");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-1669");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2017-2672");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(190, 20, 200, 209, 284, 285, 312, 330, 345, 377, 502, 522, 532, 732, 79);
script_set_attribute(attribute:"vendor_severity", value:"Important");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/12/31");
script_set_attribute(attribute:"patch_publication_date", value:"2018/02/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/02/28");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:candlepin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:candlepin-selinux");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-bootloaders-redhat");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-bootloaders-redhat-tftpboot");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-compute");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-discovery-image");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-ec2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-gce");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-installer");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-installer-katello");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-libvirt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-openstack");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-ovirt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-postgresql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-proxy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-proxy-content");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-rackspace");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-selinux");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-vmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hiera");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-certs-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-client-bootstrap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-installer-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-selinux");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-service");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kobo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-admin-client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-docker");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-docker-admin-extensions");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-docker-plugins");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-katello");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-nodes-child");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-nodes-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-nodes-parent");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-ostree");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-ostree-admin-extensions");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-ostree-plugins");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-puppet");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-puppet-admin-extensions");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-puppet-plugins");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-puppet-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-rpm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-rpm-admin-extensions");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-rpm-plugins");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-selinux");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:puppet-foreman_scap_client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pulp-agent-lib");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pulp-bindings");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pulp-client-lib");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pulp-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pulp-docker-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pulp-oid_validation");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pulp-ostree-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pulp-puppet-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pulp-repoauth");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pulp-rpm-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pulp-streamer");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-zope-interface");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:redhat-access-insights-puppet");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-foreman_scap_client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-kafo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-kafo_parsers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-kafo_wizards");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_dhcp_remote_isc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_discovery");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_discovery_image");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_dynflow");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_openscap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_pulp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_remote_execution_ssh");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-tilt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite-capsule");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite-debug-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite-installer");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-bastion");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-redhat_access");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-tasks");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-tasks-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_bootdisk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_discovery");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_docker");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_hooks");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_openscap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution_core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_templates");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_theme_satellite");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_virt_who_configure");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_csv");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_admin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_bootdisk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_discovery");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_docker");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_openscap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_remote_execution");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_tasks");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_virt_who_configure");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_katello");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-katello");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-katello_ostree");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ovirt_provision_plugin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dynflow_core");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2018-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("redhat_repos.nasl", "ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel/server/7/7Server/x86_64/sat-capsule/6.3-puppet4/debug',
'content/dist/rhel/server/7/7Server/x86_64/sat-capsule/6.3-puppet4/os',
'content/dist/rhel/server/7/7Server/x86_64/sat-capsule/6.3-puppet4/source/SRPMS',
'content/dist/rhel/server/7/7Server/x86_64/sat-capsule/6.3/debug',
'content/dist/rhel/server/7/7Server/x86_64/sat-capsule/6.3/os',
'content/dist/rhel/server/7/7Server/x86_64/sat-capsule/6.3/source/SRPMS',
'content/dist/rhel/server/7/7Server/x86_64/satellite/6.3-puppet4/debug',
'content/dist/rhel/server/7/7Server/x86_64/satellite/6.3-puppet4/os',
'content/dist/rhel/server/7/7Server/x86_64/satellite/6.3-puppet4/source/SRPMS',
'content/dist/rhel/server/7/7Server/x86_64/satellite/6.3/debug',
'content/dist/rhel/server/7/7Server/x86_64/satellite/6.3/os',
'content/dist/rhel/server/7/7Server/x86_64/satellite/6.3/source/SRPMS'
],
'pkgs': [
{'reference':'foreman-1.15.6.34-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-bootloaders-redhat-201801241201-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-bootloaders-redhat-tftpboot-201801241201-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-cli-1.15.6.34-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-compute-1.15.6.34-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-debug-1.15.6.34-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-discovery-image-3.4.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6'},
{'reference':'foreman-ec2-1.15.6.34-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-gce-1.15.6.34-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-installer-1.15.6.8-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6'},
{'reference':'foreman-installer-katello-3.4.5.26-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-libvirt-1.15.6.34-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-openstack-1.15.6.34-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-ovirt-1.15.6.34-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-postgresql-1.15.6.34-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-proxy-1.15.6.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-proxy-content-3.4.5-15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-rackspace-1.15.6.34-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-selinux-1.15.6.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'foreman-vmware-1.15.6.34-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'hiera-1.3.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'katello-3.4.5-15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'katello-certs-tools-2.4.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'katello-client-bootstrap-1.5.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'katello-common-3.4.5-15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'katello-debug-3.4.5-15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'katello-installer-base-3.4.5.26-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'katello-selinux-3.0.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'katello-service-3.4.5-15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'kobo-0.5.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-admin-client-2.13.4.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-docker-admin-extensions-2.4.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-docker-plugins-2.4.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-katello-1.0.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-nodes-child-2.13.4.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-nodes-common-2.13.4.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-nodes-parent-2.13.4.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-ostree-admin-extensions-1.2.1.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-ostree-plugins-1.2.1.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-puppet-admin-extensions-2.13.4-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-puppet-plugins-2.13.4-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-puppet-tools-2.13.4-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-rpm-admin-extensions-2.13.4.8-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-rpm-plugins-2.13.4.8-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-selinux-2.13.4.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'pulp-server-2.13.4.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'puppet-foreman_scap_client-0.3.16-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'python-pulp-agent-lib-2.13.4.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'python-pulp-bindings-2.13.4.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'python-pulp-client-lib-2.13.4.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'python-pulp-common-2.13.4.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'python-pulp-docker-common-2.4.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'python-pulp-oid_validation-2.13.4.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'python-pulp-ostree-common-1.2.1.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'python-pulp-puppet-common-2.13.4-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'python-pulp-repoauth-2.13.4.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'python-pulp-rpm-common-2.13.4.8-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'python-pulp-streamer-2.13.4.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'python-zope-interface-4.0.5-4.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'redhat-access-insights-puppet-0.0.9-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'rubygem-kafo-2.0.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'rubygem-kafo_parsers-0.1.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'rubygem-kafo_wizards-0.0.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'rubygem-smart_proxy_dhcp_remote_isc-0.0.2.1-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'rubygem-smart_proxy_discovery-1.0.4-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'rubygem-smart_proxy_discovery_image-1.0.9-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'rubygem-smart_proxy_dynflow-0.1.10-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'rubygem-smart_proxy_openscap-0.6.9-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'rubygem-smart_proxy_pulp-1.3.0-1.git.0.b5c2768.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'rubygem-smart_proxy_remote_execution_ssh-0.1.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'rubygem-tilt-1.3.7-2.git.0.3b416c9.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'satellite-6.3.0-23.0.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'satellite-capsule-6.3.0-23.0.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'satellite-cli-6.3.0-23.0.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'satellite-common-6.3.0-23.0.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'satellite-debug-tools-6.3.0-23.0.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'satellite-installer-6.3.0.12-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-foreman-tasks-core-0.1.8-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-foreman_remote_execution_core-1.0.6-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-smart_proxy_dynflow_core-0.1.10-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'}
]
},
{
'repo_relative_urls': [
'content/dist/rhel/server/7/7Server/x86_64/satellite/6.3-puppet4/debug',
'content/dist/rhel/server/7/7Server/x86_64/satellite/6.3-puppet4/os',
'content/dist/rhel/server/7/7Server/x86_64/satellite/6.3-puppet4/source/SRPMS',
'content/dist/rhel/server/7/7Server/x86_64/satellite/6.3/debug',
'content/dist/rhel/server/7/7Server/x86_64/satellite/6.3/os',
'content/dist/rhel/server/7/7Server/x86_64/satellite/6.3/source/SRPMS'
],
'pkgs': [
{'reference':'candlepin-2.1.14-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'candlepin-selinux-2.1.14-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'rubygem-foreman_scap_client-0.3.0-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-bastion-5.1.1.4-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-foreman-redhat_access-2.0.13-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-foreman-tasks-0.9.6.4-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-foreman_bootdisk-10.0.2.2-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-foreman_discovery-9.1.5.3-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-foreman_docker-3.1.0.3-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-foreman_hooks-0.3.14-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-foreman_openscap-0.7.11-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-foreman_remote_execution-1.3.7.2-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-foreman_templates-5.0.1-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-foreman_theme_satellite-1.0.4.16-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-foreman_virt_who_configure-0.1.9-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-hammer_cli-0.11.0.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-hammer_cli_csv-2.3.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-hammer_cli_foreman-0.11.0.5-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-hammer_cli_foreman_admin-0.0.8-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-hammer_cli_foreman_bootdisk-0.1.3.3-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-hammer_cli_foreman_discovery-1.0.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-hammer_cli_foreman_docker-0.0.6-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-hammer_cli_foreman_openscap-0.1.5-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-hammer_cli_foreman_remote_execution-0.0.6-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-hammer_cli_foreman_tasks-0.0.12-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-hammer_cli_foreman_virt_who_configure-0.0.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-hammer_cli_katello-0.11.3.5-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-katello-3.4.5.58-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-katello_ostree-3.4.5.58-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'},
{'reference':'tfm-rubygem-ovirt_provision_plugin-1.0.2-1.fm1_15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6'}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'candlepin / candlepin-selinux / foreman / etc');
}
Vendor | Product | Version | CPE |
---|---|---|---|
redhat | enterprise_linux | foreman-rackspace | p-cpe:/a:redhat:enterprise_linux:foreman-rackspace |
redhat | enterprise_linux | pulp-server | p-cpe:/a:redhat:enterprise_linux:pulp-server |
redhat | enterprise_linux | tfm-rubygem-hammer_cli | p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli |
redhat | enterprise_linux | tfm-rubygem-hammer_cli_foreman_docker | p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_docker |
redhat | enterprise_linux | tfm-rubygem-foreman_templates | p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_templates |
redhat | enterprise_linux | redhat-access-insights-puppet | p-cpe:/a:redhat:enterprise_linux:redhat-access-insights-puppet |
redhat | enterprise_linux | tfm-rubygem-foreman-tasks | p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-tasks |
redhat | enterprise_linux | katello-installer-base | p-cpe:/a:redhat:enterprise_linux:katello-installer-base |
redhat | enterprise_linux | pulp | p-cpe:/a:redhat:enterprise_linux:pulp |
redhat | enterprise_linux | pulp-rpm-plugins | p-cpe:/a:redhat:enterprise_linux:pulp-rpm-plugins |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6459
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8183
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3693
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3696
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3704
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4451
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4995
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4996
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6319
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7077
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7078
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8613
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8634
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8639
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9593
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9595
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15699
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2295
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2667
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2672
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14623
www.nessus.org/u?809d0a34
www.nessus.org/u?eab6a4df
access.redhat.com/errata/RHSA-2018:0336
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1019214
bugzilla.redhat.com/show_bug.cgi?id=1046642
bugzilla.redhat.com/show_bug.cgi?id=1132402
bugzilla.redhat.com/show_bug.cgi?id=1133515
bugzilla.redhat.com/show_bug.cgi?id=1140671
bugzilla.redhat.com/show_bug.cgi?id=1144042
bugzilla.redhat.com/show_bug.cgi?id=1145653
bugzilla.redhat.com/show_bug.cgi?id=1154382
bugzilla.redhat.com/show_bug.cgi?id=1177766
bugzilla.redhat.com/show_bug.cgi?id=1187338
bugzilla.redhat.com/show_bug.cgi?id=1190002
bugzilla.redhat.com/show_bug.cgi?id=1199204
bugzilla.redhat.com/show_bug.cgi?id=1210878
bugzilla.redhat.com/show_bug.cgi?id=1215825
bugzilla.redhat.com/show_bug.cgi?id=1217523
bugzilla.redhat.com/show_bug.cgi?id=1245642
bugzilla.redhat.com/show_bug.cgi?id=1255484
bugzilla.redhat.com/show_bug.cgi?id=1257588
bugzilla.redhat.com/show_bug.cgi?id=1260697
bugzilla.redhat.com/show_bug.cgi?id=1263748
bugzilla.redhat.com/show_bug.cgi?id=1264043
bugzilla.redhat.com/show_bug.cgi?id=1264732
bugzilla.redhat.com/show_bug.cgi?id=1265125
bugzilla.redhat.com/show_bug.cgi?id=1270771
bugzilla.redhat.com/show_bug.cgi?id=1274159
bugzilla.redhat.com/show_bug.cgi?id=1278642
bugzilla.redhat.com/show_bug.cgi?id=1278644
bugzilla.redhat.com/show_bug.cgi?id=1284686
bugzilla.redhat.com/show_bug.cgi?id=1291935
bugzilla.redhat.com/show_bug.cgi?id=1292510
bugzilla.redhat.com/show_bug.cgi?id=1293538
bugzilla.redhat.com/show_bug.cgi?id=1303103
bugzilla.redhat.com/show_bug.cgi?id=1304608
bugzilla.redhat.com/show_bug.cgi?id=1305059
bugzilla.redhat.com/show_bug.cgi?id=1306723
bugzilla.redhat.com/show_bug.cgi?id=1309569
bugzilla.redhat.com/show_bug.cgi?id=1309944
bugzilla.redhat.com/show_bug.cgi?id=1313634
bugzilla.redhat.com/show_bug.cgi?id=1317614
bugzilla.redhat.com/show_bug.cgi?id=1318534
bugzilla.redhat.com/show_bug.cgi?id=1323436
bugzilla.redhat.com/show_bug.cgi?id=1324508
bugzilla.redhat.com/show_bug.cgi?id=1327030
bugzilla.redhat.com/show_bug.cgi?id=1327471
bugzilla.redhat.com/show_bug.cgi?id=1328238
bugzilla.redhat.com/show_bug.cgi?id=1328930
bugzilla.redhat.com/show_bug.cgi?id=1330264
bugzilla.redhat.com/show_bug.cgi?id=1335449
bugzilla.redhat.com/show_bug.cgi?id=1336924
bugzilla.redhat.com/show_bug.cgi?id=1339715
bugzilla.redhat.com/show_bug.cgi?id=1339889
bugzilla.redhat.com/show_bug.cgi?id=1340559
bugzilla.redhat.com/show_bug.cgi?id=1342623
bugzilla.redhat.com/show_bug.cgi?id=1344049
bugzilla.redhat.com/show_bug.cgi?id=1348939
bugzilla.redhat.com/show_bug.cgi?id=1349136
bugzilla.redhat.com/show_bug.cgi?id=1361473
bugzilla.redhat.com/show_bug.cgi?id=1365815
bugzilla.redhat.com/show_bug.cgi?id=1366029
bugzilla.redhat.com/show_bug.cgi?id=1370168
bugzilla.redhat.com/show_bug.cgi?id=1376134
bugzilla.redhat.com/show_bug.cgi?id=1376191
bugzilla.redhat.com/show_bug.cgi?id=1382356
bugzilla.redhat.com/show_bug.cgi?id=1382735
bugzilla.redhat.com/show_bug.cgi?id=1384146
bugzilla.redhat.com/show_bug.cgi?id=1384548
bugzilla.redhat.com/show_bug.cgi?id=1386266
bugzilla.redhat.com/show_bug.cgi?id=1386278
bugzilla.redhat.com/show_bug.cgi?id=1390545
bugzilla.redhat.com/show_bug.cgi?id=1391831
bugzilla.redhat.com/show_bug.cgi?id=1393291
bugzilla.redhat.com/show_bug.cgi?id=1393409
bugzilla.redhat.com/show_bug.cgi?id=1394056
bugzilla.redhat.com/show_bug.cgi?id=1402922
bugzilla.redhat.com/show_bug.cgi?id=1406384
bugzilla.redhat.com/show_bug.cgi?id=1406729
bugzilla.redhat.com/show_bug.cgi?id=1410872
bugzilla.redhat.com/show_bug.cgi?id=1412186
bugzilla.redhat.com/show_bug.cgi?id=1413851
bugzilla.redhat.com/show_bug.cgi?id=1416119
bugzilla.redhat.com/show_bug.cgi?id=1417073
bugzilla.redhat.com/show_bug.cgi?id=1420711
bugzilla.redhat.com/show_bug.cgi?id=1422458
bugzilla.redhat.com/show_bug.cgi?id=1425121
bugzilla.redhat.com/show_bug.cgi?id=1425523
bugzilla.redhat.com/show_bug.cgi?id=1426404
bugzilla.redhat.com/show_bug.cgi?id=1426411
bugzilla.redhat.com/show_bug.cgi?id=1426448
bugzilla.redhat.com/show_bug.cgi?id=1428761
bugzilla.redhat.com/show_bug.cgi?id=1429426
bugzilla.redhat.com/show_bug.cgi?id=1434069
bugzilla.redhat.com/show_bug.cgi?id=1435972
bugzilla.redhat.com/show_bug.cgi?id=1436262
bugzilla.redhat.com/show_bug.cgi?id=1438376
bugzilla.redhat.com/show_bug.cgi?id=1439537
bugzilla.redhat.com/show_bug.cgi?id=1439850
bugzilla.redhat.com/show_bug.cgi?id=1445807
bugzilla.redhat.com/show_bug.cgi?id=1446707
bugzilla.redhat.com/show_bug.cgi?id=1446719
bugzilla.redhat.com/show_bug.cgi?id=1452124
bugzilla.redhat.com/show_bug.cgi?id=1455057
bugzilla.redhat.com/show_bug.cgi?id=1455455
bugzilla.redhat.com/show_bug.cgi?id=1458817
bugzilla.redhat.com/show_bug.cgi?id=1464224
bugzilla.redhat.com/show_bug.cgi?id=1468248
bugzilla.redhat.com/show_bug.cgi?id=1480346
bugzilla.redhat.com/show_bug.cgi?id=1480348
bugzilla.redhat.com/show_bug.cgi?id=1480886
bugzilla.redhat.com/show_bug.cgi?id=1493001
bugzilla.redhat.com/show_bug.cgi?id=1493494
bugzilla.redhat.com/show_bug.cgi?id=1517827
bugzilla.redhat.com/show_bug.cgi?id=1529099
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.035 Low
EPSS
Percentile
91.6%