CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: HIGH
Availability Impact: LOW
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
AI Score
Confidence: Low
EPSS
Percentile: 95.4%
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2010 advisory.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Security fixes:
* python-pygments: ReDoS in pygments (CVE-2022-40896)
* python-pycryptodomex: Side-channel leakage for OAEP decryption in PyCryptodome and pycryptodomex (CVE-2023-52323)
* satellite: Arithmetic overflow in satellite (CVE-2023-4320)
* automation-hub: Ansible Automation Hub: insecure galaxy-importer tarfile extraction (CVE-2023-5189)
* jetty: Improper addition of quotation marks to user inputs in CgiServlet (CVE-2023-36479)
* python-aiohttp: HTTP request smuggling via llhttp HTTP request parser (CVE-2023-37276)
* rubygem-activesupport: File Disclosure of Locally Encrypted Files (CVE-2023-38037)
* jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)
* python-django: Potential denial of service vulnerability in `django.utils.encoding.uri_to_iri()` (CVE-2023-41164)
* python-django: Denial-of-service possibility in django.utils.text.Truncator (CVE-2023-43665)
* python-aiohttp: Numerous issues in HTTP parser with header parsing (CVE-2023-47627)
* python-aiohttp: HTTP request modification (CVE-2023-49081)
* python-aiohttp: CRLF injection if user controls the HTTP method using aiohttp client (CVE-2023-49082)
* rubygem-puma: HTTP request smuggling when parsing chunked Transfer-Encoding Bodies (CVE-2024-21647)
* rubygem-audited: Race condition can lead to audit logs being incorrectly attributed to the wrong user (CVE-2024-22047)
* python-jinja2: HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-22195)
* python-aiohttp: Follow_symlinks directory traversal vulnerability (CVE-2024-23334)
* python-aiohttp: HTTP request smuggling (CVE-2024-23829)
Additional Changes:
This update also fixes several bugs and adds various enhancements.
Documentation for these changes is available from the Release Notes document linked to in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2024:2010. The text
# itself is copyright (C) Red Hat, Inc.
##
include('compat.inc');
if (description)
{
script_id(199805);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/03");
script_cve_id(
"CVE-2022-40896",
"CVE-2023-4320",
"CVE-2023-5189",
"CVE-2023-36479",
"CVE-2023-37276",
"CVE-2023-38037",
"CVE-2023-40167",
"CVE-2023-41164",
"CVE-2023-43665",
"CVE-2023-47627",
"CVE-2023-49081",
"CVE-2023-49082",
"CVE-2023-52323",
"CVE-2024-21647",
"CVE-2024-22047",
"CVE-2024-22195",
"CVE-2024-23334",
"CVE-2024-23829"
);
script_xref(name:"RHSA", value:"2024:2010");
script_name(english:"RHEL 8 : Satellite 6.15.0 (Important) (RHSA-2024:2010)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2024:2010 advisory.
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Security fixes:
* python-pygments: ReDoS in pygments (CVE-2022-40896)
* python-pycryptodomex: Side-channel leakage for OAEP decryption in PyCryptodome and pycryptodomex
(CVE-2023-52323)
* satellite: Arithmetic overflow in satellite (CVE-2023-4320)
* automation-hub: Ansible Automation Hub: insecure galaxy-importer tarfile extraction (CVE-2023-5189)
* jetty: Improper addition of quotation marks to user inputs in CgiServlet (CVE-2023-36479)
* python-aiohttp: HTTP request smuggling via llhttp HTTP request parser (CVE-2023-37276)
* rubygem-activesupport: File Disclosure of Locally Encrypted Files (CVE-2023-38037)
* jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)
* python-django: Potential denial of service vulnerability in `django.utils.encoding.uri_to_iri()`
(CVE-2023-41164)
* python-django: Denial-of-service possibility in django.utils.text.Truncator (CVE-2023-43665)
* python-aiohttp: Numerous issues in HTTP parser with header parsing (CVE-2023-47627)
* python-aiohttp: HTTP request modification (CVE-2023-49081)
* python-aiohttp: CRLF injection if user controls the HTTP method using aiohttp client (CVE-2023-49082)
* rubygem-puma: HTTP request smuggling when parsing chunked Transfer-Encoding Bodies (CVE-2024-21647)
* rubygem-audited: Race condition can lead to audit logs being incorrectly attributed to the wrong user
(CVE-2024-22047)
* python-jinja2: HTML attribute injection when passing user input as keys to xmlattr filter
(CVE-2024-22195)
* python-aiohttp: Follow_symlinks directory traversal vulnerability (CVE-2024-23334)
* python-aiohttp: HTTP request smuggling (CVE-2024-23829)
Additional Changes:
This update also fixes several bugs and adds various enhancements.
Documentation for these changes is available from the Release Notes document linked to in the References
section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1393613");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1792187");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1884395");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1937203");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1943306");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1964539");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1967073");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1976178");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1976213");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1992495");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1993917");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1994654");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2015344");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2026701");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2044527");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2048805");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2053416");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2063218");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2063717");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2068263");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2068527");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2070487");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2071097");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2081244");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2087537");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2091900");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2096930");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2097084");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2103757");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2104582");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2106256");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2108725");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2109740");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2121957");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2124275");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2125367");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2125728");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2125809");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2126357");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2126420");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2129296");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2131798");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2138905");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2139834");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2141421");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2143980");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2144615");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2148439");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2148534");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2149288");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2152709");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2153523");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2153548");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2155083");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2155218");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2155444");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2158524");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2158959");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2159706");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2160160");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2162637");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2162882");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164844");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164856");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2164997");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2165012");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2165092");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2166428");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2167493");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2168013");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2168152");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2168173");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2168202");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2168503");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2168728");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2168866");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2170016");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2170448");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2170727");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2172083");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2172094");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2172379");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2172384");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2172393");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2172394");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2172756");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2173870");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2175132");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2179974");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2180568");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2180761");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2181595");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2181991");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2184151");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2188287");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2189318");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2189687");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2192939");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2193010");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2203077");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2208310");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2208557");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2208588");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2209968");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2212499");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213163");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2214285");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2214331");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2215050");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2215310");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2216006");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2216017");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2216158");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2216533");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2217397");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2218179");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2218278");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2218821");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2221673");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2222725");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2222816");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2222968");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2223567");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2224122");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2224170");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2224185");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2224719");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2225534");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2226714");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2227753");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2229095");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2229810");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2230237");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2230459");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2231814");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2232500");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2232625");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2233162");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2233490");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2234387");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2234467");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2236261");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2236418");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2236502");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2236693");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2236806");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2237258");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2238325");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2238906");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2238952");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2239549");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2239630");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2239634");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2239767");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2240243");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2240956");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2241017");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2241046");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2241934");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2242214");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2242515");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2242812");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2243256");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2243344");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2243679");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2244122");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2244370");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2244629");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2244811");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2245050");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2245081");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2245455");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2246121");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2246546");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2247081");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2248864");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2248865");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2249540");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2249736");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2249825");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2249847");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2249904");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2249913");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2249970");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2250397");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2251014");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2251019");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2251200");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2251643");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2252064");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2252235");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2252248");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2252450");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2252945");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2252968");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2253191");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2253212");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2253381");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2253519");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2253618");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2253621");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2253673");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2254074");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2254178");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2254230");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2254383");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2254408");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2254491");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2254492");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2254612");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2254690");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2254694");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2254712");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2254827");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2255026");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2255329");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2255344");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2255346");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2255385");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2255421");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2255424");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2255426");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2255546");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2255658");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2255900");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2255949");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2255969");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2256024");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2256136");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2256154");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2256218");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2256411");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2256452");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2256473");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2256604");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2256683");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2256891");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2256927");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2257028");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2257340");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2257854");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2257957");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2258016");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2258109");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2258876");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2259163");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2261887");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2261909");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2263243");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2263815");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2264342");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2267949");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2269363");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2270295");
# https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2010.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?73416b21");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2024:2010");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-23334");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(20, 22, 79, 93, 130, 149, 203, 362, 377, 400, 434, 444, 613, 1333);
script_set_attribute(attribute:"vendor_severity", value:"Important");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/07/19");
script_set_attribute(attribute:"patch_publication_date", value:"2024/04/23");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/06/03");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-dynflow-sidekiq");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-ec2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-journald");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-libvirt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-openstack");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-ovirt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-pcp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-postgresql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-redis");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-service");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-telemetry");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-vmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:puppetserver");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-aiohttp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-django");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-galaxy-importer");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-jinja2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pycryptodomex");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pygments");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3.11-aiohttp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3.11-django");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3.11-galaxy-importer");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3.11-jinja2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3.11-pycryptodomex");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3.11-pygments");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-activesupport");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-audited");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-puma");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'repo_relative_urls': [
'content/dist/layered/rhel8/x86_64/sat-capsule/6.15/debug',
'content/dist/layered/rhel8/x86_64/sat-capsule/6.15/os',
'content/dist/layered/rhel8/x86_64/sat-capsule/6.15/source/SRPMS',
'content/dist/layered/rhel8/x86_64/sat-utils/6.15/debug',
'content/dist/layered/rhel8/x86_64/sat-utils/6.15/os',
'content/dist/layered/rhel8/x86_64/sat-utils/6.15/source/SRPMS',
'content/dist/layered/rhel8/x86_64/satellite/6.15/debug',
'content/dist/layered/rhel8/x86_64/satellite/6.15/os',
'content/dist/layered/rhel8/x86_64/satellite/6.15/source/SRPMS'
],
'pkgs': [
{'reference':'foreman-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-cli-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-debug-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-dynflow-sidekiq-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-ec2-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-journald-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-libvirt-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-openstack-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-ovirt-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-pcp-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-postgresql-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-redis-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-service-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-telemetry-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']},
{'reference':'foreman-vmware-3.9.1.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-4320']}
]
},
{
'repo_relative_urls': [
'content/dist/layered/rhel8/x86_64/sat-capsule/6.15/debug',
'content/dist/layered/rhel8/x86_64/sat-capsule/6.15/os',
'content/dist/layered/rhel8/x86_64/sat-capsule/6.15/source/SRPMS',
'content/dist/layered/rhel8/x86_64/satellite/6.15/debug',
'content/dist/layered/rhel8/x86_64/satellite/6.15/os',
'content/dist/layered/rhel8/x86_64/satellite/6.15/source/SRPMS'
],
'pkgs': [
{'reference':'puppetserver-7.14.0-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-36479', 'CVE-2023-40167']},
{'reference':'python3.11-aiohttp-3.9.2-1.el8pc', 'cpu':'x86_64', 'release':'8', 'el_string':'el8pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-37276', 'CVE-2023-47627', 'CVE-2023-49081', 'CVE-2023-49082', 'CVE-2024-23334', 'CVE-2024-23829']},
{'reference':'python3.11-django-4.2.9-1.el8pc', 'release':'8', 'el_string':'el8pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-41164', 'CVE-2023-43665']},
{'reference':'python3.11-galaxy-importer-0.4.19-2.el8pc', 'release':'8', 'el_string':'el8pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-5189']},
{'reference':'python3.11-jinja2-3.1.3-1.el8pc', 'release':'8', 'el_string':'el8pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2024-22195']},
{'reference':'python3.11-pycryptodomex-3.20.0-1.el8pc', 'cpu':'x86_64', 'release':'8', 'el_string':'el8pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-52323']},
{'reference':'python3.11-pygments-2.17.0-1.el8pc', 'cpu':'x86_64', 'release':'8', 'el_string':'el8pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2022-40896']},
{'reference':'rubygem-activesupport-6.1.7.6-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2023-38037']}
]
},
{
'repo_relative_urls': [
'content/dist/layered/rhel8/x86_64/satellite/6.15/debug',
'content/dist/layered/rhel8/x86_64/satellite/6.15/os',
'content/dist/layered/rhel8/x86_64/satellite/6.15/source/SRPMS'
],
'pkgs': [
{'reference':'rubygem-audited-5.4.2-1.el8sat', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2024-22047']},
{'reference':'rubygem-puma-6.4.2-1.el8sat', 'cpu':'x86_64', 'release':'8', 'el_string':'el8sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'cves':['CVE-2024-21647']}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
  var repo_relative_urls = NULL;
  if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
  foreach var pkg ( constraint_array['pkgs'] ) {
    var reference = NULL;
    var _release = NULL;
    var sp = NULL;
    var _cpu = NULL;
    var el_string = NULL;
    var rpm_spec_vers_cmp = NULL;
    var epoch = NULL;
    var allowmaj = NULL;
    var exists_check = NULL;
    var cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        _release &&
        rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
        (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
        rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  var extra = NULL;
  if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
  else extra = rpm_report_get();
  security_report_v4(
    port : 0,
    severity : SECURITY_HOLE,
    extra : extra
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'foreman / foreman-cli / foreman-debug / foreman-dynflow-sidekiq / etc');
}