Vulnerabilities > CVE-2019-3845 - Unspecified vulnerability in Redhat Satellite
Attack vector
ADJACENT_NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite (or Capsule) can use this flaw to access QMF methods to any host also registered to Satellite (or Capsule) and execute privileged commands.
Vulnerable Configurations
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-0733.NASL description An update for katello-installer-base which configures qpid-dispatch-router is now available for Red Hat Satellite 6.3 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The qpid-dispatch-router package provides remote host management functionality and is configured through the katello-installer-base package. Additional packages included contain enhancements to support the fix. Security Fix : * qpid-dispatch-router: QMF methods were exposed to goferd via qdrouterd (CVE-2019-3845) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Pavel Moravec (Red Hat). last seen 2020-06-01 modified 2020-06-02 plugin id 123987 published 2019-04-11 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123987 title RHEL 7 : Satellite Server (RHSA-2019:0733) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2019:0733. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(123987); script_version("1.6"); script_cvs_date("Date: 2020/01/23"); script_cve_id("CVE-2019-3845"); script_xref(name:"RHSA", value:"2019:0733"); script_name(english:"RHEL 7 : Satellite Server (RHSA-2019:0733)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for katello-installer-base which configures qpid-dispatch-router is now available for Red Hat Satellite 6.3 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The qpid-dispatch-router package provides remote host management functionality and is configured through the katello-installer-base package. Additional packages included contain enhancements to support the fix. Security Fix : * qpid-dispatch-router: QMF methods were exposed to goferd via qdrouterd (CVE-2019-3845) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Pavel Moravec (Red Hat)." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:0733" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-3845" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-installer-katello"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-installer-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite-capsule"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite-debug-tools"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/11"); script_set_attribute(attribute:"patch_publication_date", value:"2019/04/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/11"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2019:0733"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (! (rpm_exists(release:"RHEL7", rpm:"satellite-6.3"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "Satellite Server"); if (rpm_check(release:"RHEL7", reference:"foreman-installer-katello-3.4.5.35-1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"katello-installer-base-3.4.5.35-1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"satellite-6.3.5.1-1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"satellite-capsule-6.3.5.1-1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"satellite-cli-6.3.5.1-1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"satellite-common-6.3.5.1-1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"satellite-debug-tools-6.3.5.1-1.el7")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "foreman-installer-katello / katello-installer-base / satellite / etc"); } }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-0735.NASL description An update for katello-installer-base which configures qpid-dispatch-router is now available for Red Hat Satellite 6.4 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The qpid-dispatch-router package provides remote host management functionality and is configured through the katello-installer-base package. Additional packages included contain enhancements to support the fix. Security Fix(es) : * qpid-dispatch-router: QMF methods exposed to goferd via qdrouterd (CVE-2019-3845) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Pavel Moravec (Red Hat). last seen 2020-06-01 modified 2020-06-02 plugin id 123988 published 2019-04-11 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123988 title RHEL 7 : Satellite Server (RHSA-2019:0735) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2019:0735. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(123988); script_version("1.6"); script_cvs_date("Date: 2020/01/23"); script_cve_id("CVE-2019-3845"); script_xref(name:"RHSA", value:"2019:0735"); script_name(english:"RHEL 7 : Satellite Server (RHSA-2019:0735)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for katello-installer-base which configures qpid-dispatch-router is now available for Red Hat Satellite 6.4 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The qpid-dispatch-router package provides remote host management functionality and is configured through the katello-installer-base package. Additional packages included contain enhancements to support the fix. Security Fix(es) : * qpid-dispatch-router: QMF methods exposed to goferd via qdrouterd (CVE-2019-3845) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Pavel Moravec (Red Hat)." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:0735" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-3845" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:foreman-installer-katello"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-installer-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite-capsule"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:satellite-debug-tools"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/11"); script_set_attribute(attribute:"patch_publication_date", value:"2019/04/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/11"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2019:0735"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (! (rpm_exists(release:"RHEL7", rpm:"satellite-6.4"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "Satellite Server"); if (rpm_check(release:"RHEL7", reference:"foreman-installer-katello-3.7.0.19-1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"katello-installer-base-3.7.0.19-1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"satellite-6.4.2.1-1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"satellite-capsule-6.4.2.1-1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"satellite-cli-6.4.2.1-1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"satellite-common-6.4.2.1-1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"satellite-debug-tools-6.4.2.1-1.el7")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "foreman-installer-katello / katello-installer-base / satellite / etc"); } }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-0734.NASL description An update for katello-installer-base which configures qpid-dispatch-router is now available for Red Hat Satellite 6.2 for RHEL 6 and Red Hat Satellite 6.2 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The qpid-dispatch-router package provides remote host management functionality and is configured through the katello-installer-base package. Additional packages included contain enhancements to support the fix. Security Fix(es) : * qpid-dispatch-router: QMF methods exposed to goferd via qdrouterd (CVE-2019-3845) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Pavel Moravec (Red Hat). last seen 2020-06-01 modified 2020-06-02 plugin id 123964 published 2019-04-10 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123964 title RHEL 6 / 7 : Satellite Server (RHSA-2019:0734) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-1223.NASL description An update is now available for Satellite Tools 6.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. This update provides the Satellite 6.5 Tools repositories. For the full list of new features provided by Satellite 6.5, see the Release Notes linked to in the references section. See the Satellite 6 Installation Guide for detailed instructions on how to install a new Satellite 6.5 environment, or the Satellite 6 Upgrading and Updating guide for detailed instructions on how to upgrade from prior versions of Satellite 6. All users who require Satellite version 6.5 are advised to install these new packages. Security Fix(es) : * qpid-dispatch-router: QMF methods exposed to goferd via qdrouterd (CVE-2019-3845) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 125053 published 2019-05-14 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/125053 title RHEL 6 / 7 / 8 : Red Hat Satellite Tools (RHSA-2019:1223)
Redhat
advisories |
| ||||
rpms |
|