10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.9 High
AI Score
Confidence
High
0.732 High
EPSS
Percentile
98.1%
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6818 advisory.
Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* GitPython: Insecure non-multi options in clone and clone_from is not blocked (CVE-2023-40267)
* kubeclient: kubeconfig parsing error can lead to MITM attacks (CVE-2022-0759)
* foreman: OS command injection via ct_command and fcct_command (CVE-2022-3874)
* ruby-git: code injection vulnerability (CVE-2022-46648)
* ruby-git: code injection vulnerability (CVE-2022-47318)
* Foreman: Arbitrary code execution through templates (CVE-2023-0118)
* rubygem-activerecord: SQL Injection (CVE-2023-22794)
* openssl: c_rehash script allows command injection (CVE-2022-1292)
* openssl: the c_rehash script allows command injection (CVE-2022-2068)
* Pulp:Tokens stored in plaintext (CVE-2022-3644)
* satellite: Blind SSRF via Referer header (CVE-2022-4130)
* python-future: remote attackers can cause denial of service via crafted Set-Cookie header from malicious web server (CVE-2022-40899)
* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
* rubygem-activerecord: Denial of Service (CVE-2022-44566)
* rubygem-rack: denial of service in Content-Disposition parsing (CVE-2022-44570)
* rubygem-rack: denial of service in Content-Disposition parsing (CVE-2022-44571)
* rubygem-rack: denial of service in Content-Disposition parsing (CVE-2022-44572)
* Foreman: Stored cross-site scripting in host tab (CVE-2023-0119)
* puppet: Puppet Server ReDoS (CVE-2023-1894)
* rubygem-actionpack: Denial of Service in Action Dispatch (CVE-2023-22792)
* rubygem-actionpack: Denial of Service in Action Dispatch (CVE-2023-22795)
* rubygem-activesupport: Regular Expression Denial of Service (CVE-2023-22796)
* rubygem-globalid: ReDoS vulnerability (CVE-2023-22799)
* rubygem-rack: Denial of service in Multipart MIME parsing (CVE-2023-27530)
* rubygem-rack: denial of service in header parsing (CVE-2023-27539)
* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)
* sqlparse: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service) (CVE-2023-30608)
* python-django: Potential bypass of validation when uploading multiple files using one form field (CVE-2023-31047)
* python-requests: Unintended leak of Proxy-Authorization header (CVE-2023-32681)
* python-django: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator (CVE-2023-36053)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2023:6818. The text
# itself is copyright (C) Red Hat, Inc.
##
include('compat.inc');
if (description)
{
script_id(194436);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/03");
script_cve_id(
"CVE-2022-0759",
"CVE-2022-1292",
"CVE-2022-2068",
"CVE-2022-3644",
"CVE-2022-3874",
"CVE-2022-4130",
"CVE-2022-40899",
"CVE-2022-41717",
"CVE-2022-44566",
"CVE-2022-44570",
"CVE-2022-44571",
"CVE-2022-44572",
"CVE-2022-46648",
"CVE-2022-47318",
"CVE-2023-0118",
"CVE-2023-0119",
"CVE-2023-1894",
"CVE-2023-22792",
"CVE-2023-22794",
"CVE-2023-22795",
"CVE-2023-22796",
"CVE-2023-22799",
"CVE-2023-27530",
"CVE-2023-27539",
"CVE-2023-29406",
"CVE-2023-30608",
"CVE-2023-31047",
"CVE-2023-32681",
"CVE-2023-36053",
"CVE-2023-39325",
"CVE-2023-40267",
"CVE-2023-44487"
);
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2023/10/31");
script_xref(name:"RHSA", value:"2023:6818");
script_xref(name:"CEA-ID", value:"CEA-2024-0004");
script_name(english:"RHEL 8 : Satellite 6.14 (RHSA-2023:6818)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for Satellite 6.14.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2023:6818 advisory.
Red Hat Satellite is a systems management tool for Linux-based
infrastructure. It allows for provisioning, remote management, and
monitoring of multiple Linux deployments with a single centralized tool.
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)
(CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)
(CVE-2023-44487)
* GitPython: Insecure non-multi options in clone and clone_from is not blocked (CVE-2023-40267)
* kubeclient: kubeconfig parsing error can lead to MITM attacks (CVE-2022-0759)
* foreman: OS command injection via ct_command and fcct_command (CVE-2022-3874)
* ruby-git: code injection vulnerability (CVE-2022-46648)
* ruby-git: code injection vulnerability (CVE-2022-47318)
* Foreman: Arbitrary code execution through templates (CVE-2023-0118)
* rubygem-activerecord: SQL Injection (CVE-2023-22794)
* openssl: c_rehash script allows command injection (CVE-2022-1292)
* openssl: the c_rehash script allows command injection (CVE-2022-2068)
* Pulp:Tokens stored in plaintext (CVE-2022-3644)
* satellite: Blind SSRF via Referer header (CVE-2022-4130)
* python-future: remote attackers can cause denial of service via crafted Set-Cookie header from malicious
web server (CVE-2022-40899)
* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
* rubygem-activerecord: Denial of Service (CVE-2022-44566)
* rubygem-rack: denial of service in Content-Disposition parsing (CVE-2022-44570)
* rubygem-rack: denial of service in Content-Disposition parsing (CVE-2022-44571)
* rubygem-rack: denial of service in Content-Disposition parsing (CVE-2022-44572)
* Foreman: Stored cross-site scripting in host tab (CVE-2023-0119)
* puppet: Puppet Server ReDoS (CVE-2023-1894)
* rubygem-actionpack: Denial of Service in Action Dispatch (CVE-2023-22792)
* rubygem-actionpack: Denial of Service in Action Dispatch (CVE-2023-22795)
* rubygem-activesupport: Regular Expression Denial of Service (CVE-2023-22796)
* rubygem-globalid: ReDoS vulnerability (CVE-2023-22799)
* rubygem-rack: Denial of service in Multipart MIME parsing (CVE-2023-27530)
* rubygem-rack: denial of service in header parsing (CVE-2023-27539)
* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)
* sqlparse: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of
Service) (CVE-2023-30608)
* python-django: Potential bypass of validation when uploading multiple files using one form field
(CVE-2023-31047)
* python-requests: Unintended leak of Proxy-Authorization header (CVE-2023-32681)
* python-django: Potential regular expression denial of service vulnerability in
EmailValidator/URLValidator (CVE-2023-36053)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and
other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
This update also fixes several bugs and adds various enhancements. Documentation for these changes is
available from the Release Notes document linked to in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/vulnerabilities/RHSB-2023-003");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1265120");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1726504");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1735722");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1813953");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1859112");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1872414");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1885552");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1904201");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1922972");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1925532");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1944710");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1947095");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1949960");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1950836");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1955046");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1967030");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1972308");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1980277");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1992283");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1995783");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2000215");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2002202");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2009069");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2013759");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2043089");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2044537");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2053421");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2055790");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2058404");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2060613");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2069324");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2069666");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2073535");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2077081");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2077633");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2080386");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2081494");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2081777");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082001");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2088559");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2090620");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2094301");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2096942");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2097310");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2103424");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2105676");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2106473");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2116369");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2117760");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2122872");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2123306");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2124658");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2125366");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2127134");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2129432");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2130173");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2130871");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2131990");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2134436");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2135215");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2135498");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2135722");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2138172");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2140577");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2140636");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2143051");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2143290");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2145254");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2152951");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2154917");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2156522");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2158510");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2158526");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2158702");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2158780");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2159104");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2159105");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2159291");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2159672");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2159839");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2161209");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2161274");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2161993");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164359");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164400");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164714");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164719");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164722");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164730");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164736");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164785");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164789");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164799");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164800");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2165107");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2165866");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2165906");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2166404");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2166435");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2166466");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2166640");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2167097");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2167146");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2167371");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2167396");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2168414");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2169322");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2169385");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2169682");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2169847");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2170125");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2170127");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2170485");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2170535");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2170917");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2171180");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2172355");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2172564");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2173159");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2173199");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2173535");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2173671");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2173692");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2173757");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2174367");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2174912");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2176214");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2176368");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2176477");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2176870");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2178133");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2178176");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2178307");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2178645");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2178734");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2178775");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2179574");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2179649");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2179721");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2179725");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2180490");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2180760");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2180865");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2180954");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2181226");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2181254");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2181602");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2182353");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2183172");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2183357");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2184278");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2186713");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2186765");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2187599");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2187613");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2187903");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2187967");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2188504");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2188721");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2192565");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2192583");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2192841");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2193088");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2193451");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2196076");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2196085");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2196436");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2196540");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2196775");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2203093");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2203183");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2207782");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2208161");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2208535");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2209037");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2209469");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2209938");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2210284");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2210297");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2211210");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2211394");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2211437");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2211484");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2211502");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2211711");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2211966");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2212148");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2212523");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2212630");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2212740");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2212756");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2212812");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2212996");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213088");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213128");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213190");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213246");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213281");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213486");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213515");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213579");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213582");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213768");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213777");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213804");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2214261");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2214272");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2214274");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2214290");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2214578");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2215081");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2215093");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2215238");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2215294");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2215426");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2215954");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2215986");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2216194");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2216461");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2216564");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2216757");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2216907");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2217942");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2218004");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2218307");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2218625");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2218878");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2218930");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2218932");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2219648");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2220965");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2220969");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2220978");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2221291");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2221407");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2221621");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2221983");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2222167");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2222444");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2222446");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2222447");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2222705");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2222839");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2222890");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2222907");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2222979");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2223048");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2223050");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2223618");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2223707");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2223891");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2223996");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2224031");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2224113");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2224334");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2224494");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2224498");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2225090");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2225141");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2225333");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2225383");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2225402");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2225406");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2225409");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2226950");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2227028");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2227093");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2227271");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2227338");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2228287");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2229788");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2229897");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2230584");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2230934");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2231363");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2231474");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2232370");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2232775");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2234444");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2235231");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2236685");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2239115");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2242803");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2243296");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2245056");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2245930");
# https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6818.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9940af68");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2023:6818");
script_set_attribute(attribute:"solution", value:
"Update the RHEL Satellite 6.14 package based on the guidance in RHSA-2023:6818.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-2068");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2023-40267");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(20, 77, 78, 79, 89, 94, 113, 256, 295, 400, 402, 770, 918, 1333);
script_set_attribute(attribute:"vendor_severity", value:"Important");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/03/25");
script_set_attribute(attribute:"patch_publication_date", value:"2023/11/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/29");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-dynflow-sidekiq");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-ec2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-journald");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-libvirt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-openstack");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-ovirt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-postgresql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-redis");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-service");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-telemetry");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-vmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:puppet-agent");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:puppetserver");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-django");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-future");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-gitpython");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pulp-ansible");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-requests");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-sqlparse");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-django");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-future");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-gitpython");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-pulp-ansible");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-requests");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-sqlparse");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-actionpack");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-activerecord");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-activesupport");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-git");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-globalid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-kubeclient");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-rack");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:yggdrasil-worker-forwarder");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'repo_relative_urls': [
'content/dist/layered/rhel8/x86_64/sat-capsule/6.14/debug',
'content/dist/layered/rhel8/x86_64/sat-capsule/6.14/os',
'content/dist/layered/rhel8/x86_64/sat-capsule/6.14/source/SRPMS',
'content/dist/layered/rhel8/x86_64/sat-utils/6.14/debug',
'content/dist/layered/rhel8/x86_64/sat-utils/6.14/os',
'content/dist/layered/rhel8/x86_64/sat-utils/6.14/source/SRPMS',
'content/dist/layered/rhel8/x86_64/satellite/6.14/debug',
'content/dist/layered/rhel8/x86_64/satellite/6.14/os',
'content/dist/layered/rhel8/x86_64/satellite/6.14/source/SRPMS'
],
'pkgs': [
{'reference':'foreman-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']},
{'reference':'foreman-cli-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']},
{'reference':'foreman-debug-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']},
{'reference':'foreman-dynflow-sidekiq-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']},
{'reference':'foreman-ec2-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']},
{'reference':'foreman-journald-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']},
{'reference':'foreman-libvirt-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']},
{'reference':'foreman-openstack-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']},
{'reference':'foreman-ovirt-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']},
{'reference':'foreman-postgresql-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']},
{'reference':'foreman-redis-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']},
{'reference':'foreman-service-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']},
{'reference':'foreman-telemetry-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']},
{'reference':'foreman-vmware-3.7.0.9-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-3874', 'CVE-2022-4130', 'CVE-2023-0118', 'CVE-2023-0119']}
]
},
{
'repo_relative_urls': [
'content/dist/layered/rhel8/x86_64/sat-capsule/6.14/debug',
'content/dist/layered/rhel8/x86_64/sat-capsule/6.14/os',
'content/dist/layered/rhel8/x86_64/sat-capsule/6.14/source/SRPMS',
'content/dist/layered/rhel8/x86_64/satellite/6.14/debug',
'content/dist/layered/rhel8/x86_64/satellite/6.14/os',
'content/dist/layered/rhel8/x86_64/satellite/6.14/source/SRPMS'
],
'pkgs': [
{'reference':'puppet-agent-7.26.0-3.el8sat', 'cpu':'x86_64', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-1292', 'CVE-2022-2068']},
{'reference':'puppetserver-7.11.0-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-1894']},
{'reference':'python39-django-3.2.21-1.el8pc', 'release':'8', 'el_string':'el8pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-31047', 'CVE-2023-36053']},
{'reference':'python39-future-0.18.3-1.el8pc', 'release':'8', 'el_string':'el8pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-40899']},
{'reference':'python39-gitpython-3.1.32-1.el8pc', 'release':'8', 'el_string':'el8pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-40267']},
{'reference':'python39-pulp-ansible-0.16.0-1.el8pc', 'release':'8', 'el_string':'el8pc', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'cves':['CVE-2022-3644']},
{'reference':'python39-requests-2.31.0-1.el8pc', 'release':'8', 'el_string':'el8pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-32681']},
{'reference':'python39-sqlparse-0.4.4-1.el8pc', 'release':'8', 'el_string':'el8pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-30608']},
{'reference':'rubygem-rack-2.2.7-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-44570', 'CVE-2022-44571', 'CVE-2022-44572', 'CVE-2023-27530', 'CVE-2023-27539']}
]
},
{
'repo_relative_urls': [
'content/dist/layered/rhel8/x86_64/satellite/6.14/debug',
'content/dist/layered/rhel8/x86_64/satellite/6.14/os',
'content/dist/layered/rhel8/x86_64/satellite/6.14/source/SRPMS'
],
'pkgs': [
{'reference':'rubygem-actionpack-6.1.7.3-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-22792', 'CVE-2023-22795']},
{'reference':'rubygem-activerecord-6.1.7.3-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-44566', 'CVE-2023-22794']},
{'reference':'rubygem-activesupport-6.1.7.3-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-22796']},
{'reference':'rubygem-git-1.18.0-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-46648', 'CVE-2022-47318']},
{'reference':'rubygem-globalid-1.1.0-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-22799']},
{'reference':'rubygem-kubeclient-4.10.1-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-0759']},
{'reference':'yggdrasil-worker-forwarder-0.0.3-1.el8sat', 'cpu':'x86_64', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-41717', 'CVE-2023-29406', 'CVE-2023-39325', 'CVE-2023-44487']}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'foreman / foreman-cli / foreman-debug / foreman-dynflow-sidekiq / etc');
}
Vendor | Product | Version | CPE |
---|---|---|---|
redhat | enterprise_linux | yggdrasil-worker-forwarder | p-cpe:/a:redhat:enterprise_linux:yggdrasil-worker-forwarder |
redhat | enterprise_linux | foreman-service | p-cpe:/a:redhat:enterprise_linux:foreman-service |
redhat | enterprise_linux | python-gitpython | p-cpe:/a:redhat:enterprise_linux:python-gitpython |
redhat | enterprise_linux | foreman-vmware | p-cpe:/a:redhat:enterprise_linux:foreman-vmware |
redhat | enterprise_linux | foreman | p-cpe:/a:redhat:enterprise_linux:foreman |
redhat | enterprise_linux | foreman-telemetry | p-cpe:/a:redhat:enterprise_linux:foreman-telemetry |
redhat | enterprise_linux | python-future | p-cpe:/a:redhat:enterprise_linux:python-future |
redhat | enterprise_linux | python39-django | p-cpe:/a:redhat:enterprise_linux:python39-django |
redhat | enterprise_linux | foreman-postgresql | p-cpe:/a:redhat:enterprise_linux:foreman-postgresql |
redhat | enterprise_linux | foreman-dynflow-sidekiq | p-cpe:/a:redhat:enterprise_linux:foreman-dynflow-sidekiq |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0759
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3644
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3874
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40899
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4130
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44566
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44570
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44571
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44572
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46648
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47318
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0118
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0119
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1894
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22792
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22795
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22799
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27530
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27539
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29406
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30608
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31047
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32681
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36053
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40267
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487
www.nessus.org/u?9940af68
access.redhat.com/errata/RHSA-2023:6818
access.redhat.com/security/updates/classification/#important
access.redhat.com/security/vulnerabilities/RHSB-2023-003
bugzilla.redhat.com/show_bug.cgi?id=1265120
bugzilla.redhat.com/show_bug.cgi?id=1726504
bugzilla.redhat.com/show_bug.cgi?id=1735722
bugzilla.redhat.com/show_bug.cgi?id=1813953
bugzilla.redhat.com/show_bug.cgi?id=1859112
bugzilla.redhat.com/show_bug.cgi?id=1872414
bugzilla.redhat.com/show_bug.cgi?id=1885552
bugzilla.redhat.com/show_bug.cgi?id=1904201
bugzilla.redhat.com/show_bug.cgi?id=1922972
bugzilla.redhat.com/show_bug.cgi?id=1925532
bugzilla.redhat.com/show_bug.cgi?id=1944710
bugzilla.redhat.com/show_bug.cgi?id=1947095
bugzilla.redhat.com/show_bug.cgi?id=1949960
bugzilla.redhat.com/show_bug.cgi?id=1950836
bugzilla.redhat.com/show_bug.cgi?id=1955046
bugzilla.redhat.com/show_bug.cgi?id=1967030
bugzilla.redhat.com/show_bug.cgi?id=1972308
bugzilla.redhat.com/show_bug.cgi?id=1980277
bugzilla.redhat.com/show_bug.cgi?id=1992283
bugzilla.redhat.com/show_bug.cgi?id=1995783
bugzilla.redhat.com/show_bug.cgi?id=2000215
bugzilla.redhat.com/show_bug.cgi?id=2002202
bugzilla.redhat.com/show_bug.cgi?id=2009069
bugzilla.redhat.com/show_bug.cgi?id=2013759
bugzilla.redhat.com/show_bug.cgi?id=2043089
bugzilla.redhat.com/show_bug.cgi?id=2044537
bugzilla.redhat.com/show_bug.cgi?id=2053421
bugzilla.redhat.com/show_bug.cgi?id=2055790
bugzilla.redhat.com/show_bug.cgi?id=2058404
bugzilla.redhat.com/show_bug.cgi?id=2060613
bugzilla.redhat.com/show_bug.cgi?id=2069324
bugzilla.redhat.com/show_bug.cgi?id=2069666
bugzilla.redhat.com/show_bug.cgi?id=2073535
bugzilla.redhat.com/show_bug.cgi?id=2077081
bugzilla.redhat.com/show_bug.cgi?id=2077633
bugzilla.redhat.com/show_bug.cgi?id=2080386
bugzilla.redhat.com/show_bug.cgi?id=2081494
bugzilla.redhat.com/show_bug.cgi?id=2081777
bugzilla.redhat.com/show_bug.cgi?id=2082001
bugzilla.redhat.com/show_bug.cgi?id=2088559
bugzilla.redhat.com/show_bug.cgi?id=2090620
bugzilla.redhat.com/show_bug.cgi?id=2094301
bugzilla.redhat.com/show_bug.cgi?id=2096942
bugzilla.redhat.com/show_bug.cgi?id=2097310
bugzilla.redhat.com/show_bug.cgi?id=2103424
bugzilla.redhat.com/show_bug.cgi?id=2105676
bugzilla.redhat.com/show_bug.cgi?id=2106473
bugzilla.redhat.com/show_bug.cgi?id=2116369
bugzilla.redhat.com/show_bug.cgi?id=2117760
bugzilla.redhat.com/show_bug.cgi?id=2122872
bugzilla.redhat.com/show_bug.cgi?id=2123306
bugzilla.redhat.com/show_bug.cgi?id=2124658
bugzilla.redhat.com/show_bug.cgi?id=2125366
bugzilla.redhat.com/show_bug.cgi?id=2127134
bugzilla.redhat.com/show_bug.cgi?id=2129432
bugzilla.redhat.com/show_bug.cgi?id=2130173
bugzilla.redhat.com/show_bug.cgi?id=2130871
bugzilla.redhat.com/show_bug.cgi?id=2131990
bugzilla.redhat.com/show_bug.cgi?id=2134436
bugzilla.redhat.com/show_bug.cgi?id=2135215
bugzilla.redhat.com/show_bug.cgi?id=2135498
bugzilla.redhat.com/show_bug.cgi?id=2135722
bugzilla.redhat.com/show_bug.cgi?id=2138172
bugzilla.redhat.com/show_bug.cgi?id=2140577
bugzilla.redhat.com/show_bug.cgi?id=2140636
bugzilla.redhat.com/show_bug.cgi?id=2143051
bugzilla.redhat.com/show_bug.cgi?id=2143290
bugzilla.redhat.com/show_bug.cgi?id=2145254
bugzilla.redhat.com/show_bug.cgi?id=2152951
bugzilla.redhat.com/show_bug.cgi?id=2154917
bugzilla.redhat.com/show_bug.cgi?id=2156522
bugzilla.redhat.com/show_bug.cgi?id=2158510
bugzilla.redhat.com/show_bug.cgi?id=2158526
bugzilla.redhat.com/show_bug.cgi?id=2158702
bugzilla.redhat.com/show_bug.cgi?id=2158780
bugzilla.redhat.com/show_bug.cgi?id=2159104
bugzilla.redhat.com/show_bug.cgi?id=2159105
bugzilla.redhat.com/show_bug.cgi?id=2159291
bugzilla.redhat.com/show_bug.cgi?id=2159672
bugzilla.redhat.com/show_bug.cgi?id=2159839
bugzilla.redhat.com/show_bug.cgi?id=2161209
bugzilla.redhat.com/show_bug.cgi?id=2161274
bugzilla.redhat.com/show_bug.cgi?id=2161993
bugzilla.redhat.com/show_bug.cgi?id=2164359
bugzilla.redhat.com/show_bug.cgi?id=2164400
bugzilla.redhat.com/show_bug.cgi?id=2164714
bugzilla.redhat.com/show_bug.cgi?id=2164719
bugzilla.redhat.com/show_bug.cgi?id=2164722
bugzilla.redhat.com/show_bug.cgi?id=2164730
bugzilla.redhat.com/show_bug.cgi?id=2164736
bugzilla.redhat.com/show_bug.cgi?id=2164785
bugzilla.redhat.com/show_bug.cgi?id=2164789
bugzilla.redhat.com/show_bug.cgi?id=2164799
bugzilla.redhat.com/show_bug.cgi?id=2164800
bugzilla.redhat.com/show_bug.cgi?id=2165107
bugzilla.redhat.com/show_bug.cgi?id=2165866
bugzilla.redhat.com/show_bug.cgi?id=2165906
bugzilla.redhat.com/show_bug.cgi?id=2166404
bugzilla.redhat.com/show_bug.cgi?id=2166435
bugzilla.redhat.com/show_bug.cgi?id=2166466
bugzilla.redhat.com/show_bug.cgi?id=2166640
bugzilla.redhat.com/show_bug.cgi?id=2167097
bugzilla.redhat.com/show_bug.cgi?id=2167146
bugzilla.redhat.com/show_bug.cgi?id=2167371
bugzilla.redhat.com/show_bug.cgi?id=2167396
bugzilla.redhat.com/show_bug.cgi?id=2168414
bugzilla.redhat.com/show_bug.cgi?id=2169322
bugzilla.redhat.com/show_bug.cgi?id=2169385
bugzilla.redhat.com/show_bug.cgi?id=2169682
bugzilla.redhat.com/show_bug.cgi?id=2169847
bugzilla.redhat.com/show_bug.cgi?id=2170125
bugzilla.redhat.com/show_bug.cgi?id=2170127
bugzilla.redhat.com/show_bug.cgi?id=2170485
bugzilla.redhat.com/show_bug.cgi?id=2170535
bugzilla.redhat.com/show_bug.cgi?id=2170917
bugzilla.redhat.com/show_bug.cgi?id=2171180
bugzilla.redhat.com/show_bug.cgi?id=2172355
bugzilla.redhat.com/show_bug.cgi?id=2172564
bugzilla.redhat.com/show_bug.cgi?id=2173159
bugzilla.redhat.com/show_bug.cgi?id=2173199
bugzilla.redhat.com/show_bug.cgi?id=2173535
bugzilla.redhat.com/show_bug.cgi?id=2173671
bugzilla.redhat.com/show_bug.cgi?id=2173692
bugzilla.redhat.com/show_bug.cgi?id=2173757
bugzilla.redhat.com/show_bug.cgi?id=2174367
bugzilla.redhat.com/show_bug.cgi?id=2174912
bugzilla.redhat.com/show_bug.cgi?id=2176214
bugzilla.redhat.com/show_bug.cgi?id=2176368
bugzilla.redhat.com/show_bug.cgi?id=2176477
bugzilla.redhat.com/show_bug.cgi?id=2176870
bugzilla.redhat.com/show_bug.cgi?id=2178133
bugzilla.redhat.com/show_bug.cgi?id=2178176
bugzilla.redhat.com/show_bug.cgi?id=2178307
bugzilla.redhat.com/show_bug.cgi?id=2178645
bugzilla.redhat.com/show_bug.cgi?id=2178734
bugzilla.redhat.com/show_bug.cgi?id=2178775
bugzilla.redhat.com/show_bug.cgi?id=2179574
bugzilla.redhat.com/show_bug.cgi?id=2179649
bugzilla.redhat.com/show_bug.cgi?id=2179721
bugzilla.redhat.com/show_bug.cgi?id=2179725
bugzilla.redhat.com/show_bug.cgi?id=2180490
bugzilla.redhat.com/show_bug.cgi?id=2180760
bugzilla.redhat.com/show_bug.cgi?id=2180865
bugzilla.redhat.com/show_bug.cgi?id=2180954
bugzilla.redhat.com/show_bug.cgi?id=2181226
bugzilla.redhat.com/show_bug.cgi?id=2181254
bugzilla.redhat.com/show_bug.cgi?id=2181602
bugzilla.redhat.com/show_bug.cgi?id=2182353
bugzilla.redhat.com/show_bug.cgi?id=2183172
bugzilla.redhat.com/show_bug.cgi?id=2183357
bugzilla.redhat.com/show_bug.cgi?id=2184278
bugzilla.redhat.com/show_bug.cgi?id=2186713
bugzilla.redhat.com/show_bug.cgi?id=2186765
bugzilla.redhat.com/show_bug.cgi?id=2187599
bugzilla.redhat.com/show_bug.cgi?id=2187613
bugzilla.redhat.com/show_bug.cgi?id=2187903
bugzilla.redhat.com/show_bug.cgi?id=2187967
bugzilla.redhat.com/show_bug.cgi?id=2188504
bugzilla.redhat.com/show_bug.cgi?id=2188721
bugzilla.redhat.com/show_bug.cgi?id=2192565
bugzilla.redhat.com/show_bug.cgi?id=2192583
bugzilla.redhat.com/show_bug.cgi?id=2192841
bugzilla.redhat.com/show_bug.cgi?id=2193088
bugzilla.redhat.com/show_bug.cgi?id=2193451
bugzilla.redhat.com/show_bug.cgi?id=2196076
bugzilla.redhat.com/show_bug.cgi?id=2196085
bugzilla.redhat.com/show_bug.cgi?id=2196436
bugzilla.redhat.com/show_bug.cgi?id=2196540
bugzilla.redhat.com/show_bug.cgi?id=2196775
bugzilla.redhat.com/show_bug.cgi?id=2203093
bugzilla.redhat.com/show_bug.cgi?id=2203183
bugzilla.redhat.com/show_bug.cgi?id=2207782
bugzilla.redhat.com/show_bug.cgi?id=2208161
bugzilla.redhat.com/show_bug.cgi?id=2208535
bugzilla.redhat.com/show_bug.cgi?id=2209037
bugzilla.redhat.com/show_bug.cgi?id=2209469
bugzilla.redhat.com/show_bug.cgi?id=2209938
bugzilla.redhat.com/show_bug.cgi?id=2210284
bugzilla.redhat.com/show_bug.cgi?id=2210297
bugzilla.redhat.com/show_bug.cgi?id=2211210
bugzilla.redhat.com/show_bug.cgi?id=2211394
bugzilla.redhat.com/show_bug.cgi?id=2211437
bugzilla.redhat.com/show_bug.cgi?id=2211484
bugzilla.redhat.com/show_bug.cgi?id=2211502
bugzilla.redhat.com/show_bug.cgi?id=2211711
bugzilla.redhat.com/show_bug.cgi?id=2211966
bugzilla.redhat.com/show_bug.cgi?id=2212148
bugzilla.redhat.com/show_bug.cgi?id=2212523
bugzilla.redhat.com/show_bug.cgi?id=2212630
bugzilla.redhat.com/show_bug.cgi?id=2212740
bugzilla.redhat.com/show_bug.cgi?id=2212756
bugzilla.redhat.com/show_bug.cgi?id=2212812
bugzilla.redhat.com/show_bug.cgi?id=2212996
bugzilla.redhat.com/show_bug.cgi?id=2213088
bugzilla.redhat.com/show_bug.cgi?id=2213128
bugzilla.redhat.com/show_bug.cgi?id=2213190
bugzilla.redhat.com/show_bug.cgi?id=2213246
bugzilla.redhat.com/show_bug.cgi?id=2213281
bugzilla.redhat.com/show_bug.cgi?id=2213486
bugzilla.redhat.com/show_bug.cgi?id=2213515
bugzilla.redhat.com/show_bug.cgi?id=2213579
bugzilla.redhat.com/show_bug.cgi?id=2213582
bugzilla.redhat.com/show_bug.cgi?id=2213768
bugzilla.redhat.com/show_bug.cgi?id=2213777
bugzilla.redhat.com/show_bug.cgi?id=2213804
bugzilla.redhat.com/show_bug.cgi?id=2214261
bugzilla.redhat.com/show_bug.cgi?id=2214272
bugzilla.redhat.com/show_bug.cgi?id=2214274
bugzilla.redhat.com/show_bug.cgi?id=2214290
bugzilla.redhat.com/show_bug.cgi?id=2214578
bugzilla.redhat.com/show_bug.cgi?id=2215081
bugzilla.redhat.com/show_bug.cgi?id=2215093
bugzilla.redhat.com/show_bug.cgi?id=2215238
bugzilla.redhat.com/show_bug.cgi?id=2215294
bugzilla.redhat.com/show_bug.cgi?id=2215426
bugzilla.redhat.com/show_bug.cgi?id=2215954
bugzilla.redhat.com/show_bug.cgi?id=2215986
bugzilla.redhat.com/show_bug.cgi?id=2216194
bugzilla.redhat.com/show_bug.cgi?id=2216461
bugzilla.redhat.com/show_bug.cgi?id=2216564
bugzilla.redhat.com/show_bug.cgi?id=2216757
bugzilla.redhat.com/show_bug.cgi?id=2216907
bugzilla.redhat.com/show_bug.cgi?id=2217942
bugzilla.redhat.com/show_bug.cgi?id=2218004
bugzilla.redhat.com/show_bug.cgi?id=2218307
bugzilla.redhat.com/show_bug.cgi?id=2218625
bugzilla.redhat.com/show_bug.cgi?id=2218878
bugzilla.redhat.com/show_bug.cgi?id=2218930
bugzilla.redhat.com/show_bug.cgi?id=2218932
bugzilla.redhat.com/show_bug.cgi?id=2219648
bugzilla.redhat.com/show_bug.cgi?id=2220965
bugzilla.redhat.com/show_bug.cgi?id=2220969
bugzilla.redhat.com/show_bug.cgi?id=2220978
bugzilla.redhat.com/show_bug.cgi?id=2221291
bugzilla.redhat.com/show_bug.cgi?id=2221407
bugzilla.redhat.com/show_bug.cgi?id=2221621
bugzilla.redhat.com/show_bug.cgi?id=2221983
bugzilla.redhat.com/show_bug.cgi?id=2222167
bugzilla.redhat.com/show_bug.cgi?id=2222444
bugzilla.redhat.com/show_bug.cgi?id=2222446
bugzilla.redhat.com/show_bug.cgi?id=2222447
bugzilla.redhat.com/show_bug.cgi?id=2222705
bugzilla.redhat.com/show_bug.cgi?id=2222839
bugzilla.redhat.com/show_bug.cgi?id=2222890
bugzilla.redhat.com/show_bug.cgi?id=2222907
bugzilla.redhat.com/show_bug.cgi?id=2222979
bugzilla.redhat.com/show_bug.cgi?id=2223048
bugzilla.redhat.com/show_bug.cgi?id=2223050
bugzilla.redhat.com/show_bug.cgi?id=2223618
bugzilla.redhat.com/show_bug.cgi?id=2223707
bugzilla.redhat.com/show_bug.cgi?id=2223891
bugzilla.redhat.com/show_bug.cgi?id=2223996
bugzilla.redhat.com/show_bug.cgi?id=2224031
bugzilla.redhat.com/show_bug.cgi?id=2224113
bugzilla.redhat.com/show_bug.cgi?id=2224334
bugzilla.redhat.com/show_bug.cgi?id=2224494
bugzilla.redhat.com/show_bug.cgi?id=2224498
bugzilla.redhat.com/show_bug.cgi?id=2225090
bugzilla.redhat.com/show_bug.cgi?id=2225141
bugzilla.redhat.com/show_bug.cgi?id=2225333
bugzilla.redhat.com/show_bug.cgi?id=2225383
bugzilla.redhat.com/show_bug.cgi?id=2225402
bugzilla.redhat.com/show_bug.cgi?id=2225406
bugzilla.redhat.com/show_bug.cgi?id=2225409
bugzilla.redhat.com/show_bug.cgi?id=2226950
bugzilla.redhat.com/show_bug.cgi?id=2227028
bugzilla.redhat.com/show_bug.cgi?id=2227093
bugzilla.redhat.com/show_bug.cgi?id=2227271
bugzilla.redhat.com/show_bug.cgi?id=2227338
bugzilla.redhat.com/show_bug.cgi?id=2228287
bugzilla.redhat.com/show_bug.cgi?id=2229788
bugzilla.redhat.com/show_bug.cgi?id=2229897
bugzilla.redhat.com/show_bug.cgi?id=2230584
bugzilla.redhat.com/show_bug.cgi?id=2230934
bugzilla.redhat.com/show_bug.cgi?id=2231363
bugzilla.redhat.com/show_bug.cgi?id=2231474
bugzilla.redhat.com/show_bug.cgi?id=2232370
bugzilla.redhat.com/show_bug.cgi?id=2232775
bugzilla.redhat.com/show_bug.cgi?id=2234444
bugzilla.redhat.com/show_bug.cgi?id=2235231
bugzilla.redhat.com/show_bug.cgi?id=2236685
bugzilla.redhat.com/show_bug.cgi?id=2239115
bugzilla.redhat.com/show_bug.cgi?id=2242803
bugzilla.redhat.com/show_bug.cgi?id=2243296
bugzilla.redhat.com/show_bug.cgi?id=2245056
bugzilla.redhat.com/show_bug.cgi?id=2245930
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.9 High
AI Score
Confidence
High
0.732 High
EPSS
Percentile
98.1%