Vulnerabilities > CVE-2019-3891 - Information Exposure Through Log Files vulnerability in Redhat Satellite 6.4
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
It was discovered that a world-readable log file belonging to Candlepin component of Red Hat Satellite 6.4 leaked the credentials of the Candlepin database. A malicious user with local access to a Satellite host can use those credentials to modify the database and prevent Satellite from fetching package updates, thus preventing all Satellite hosts from accessing those updates.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Fuzzing and observing application log data/errors for application mapping An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. Fuzzing techniques involve sending random or malformed messages to a target and monitoring the target's response. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash. By observing logs and error messages, the attacker can learn details about the configuration of the target application and might be able to cause the target to disclose sensitive information.
Nessus
| NASL family | Red Hat Local Security Checks |
| NASL id | REDHAT-RHSA-2019-1222.NASL |
| description | Red Hat Satellite 6.5 for RHEL 7 is now available containing security fixes, bug fixes, and enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fix(es) : * RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack (CVE-2016-6346) * pulp: Improper path parsing leads to overwriting of iso repositories (CVE-2018-10917) * foreman: Persisted XSS on all pages that use breadcrumbs (CVE-2018-14664) * foreman: stored XSS in success notification after entity creation (CVE-2018-16861) * katello: stored XSS in subscriptions and repositories pages (CVE-2018-16887) * candlepin: credentials exposure through log files (CVE-2019-3891) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 125052 |
| published | 2019-05-14 |
| reporter | This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/125052 |
| title | RHEL 7 : Satellite Server (RHSA-2019:1222) |
Redhat
| advisories |
| ||||
| rpms |
|