Vulnerabilities > CVE-2018-10869 - Files or Directories Accessible to External Parties vulnerability in Redhat Certification and Enterprise Linux
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
redhat-certification does not properly restrict files that can be download through the /download page. A remote attacker may download any file accessible by the user running httpd.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
| NASL family | Red Hat Local Security Checks |
| NASL id | REDHAT-RHSA-2018-2373.NASL |
| description | An update for redhat-certification is now available for Red Hat Certification for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The redhat-certification package provides partners with a unified web-based user interface to certify their products for use on Red Hat Infrastructure. It can currently be used in the latest releases of Red Hat Certified Cloud and Service Provider Certification, Red Hat OpenStack Certification and Red Hat Hardware Certification Programs. Security Fix(es) : * redhat-certification: rhcertStore.py:__saveResultsFile allows to write any file (CVE-2018-10870) * redhat-certification: /download allows to download any file (CVE-2018-10869) * redhat-certification: resource consumption in DocumentBase:loadFiltered (CVE-2018-10864) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. These issues were discovered by Riccardo Schirone (Red Hat Product Security). |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 111774 |
| published | 2018-08-16 |
| reporter | This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/111774 |
| title | RHEL 7 : redhat-certification (RHSA-2018:2373) |
Redhat
| advisories |
| ||||
| rpms |
|