fkie_nvd - fkie_cve-2024-7923

fkie_cve-2024-7923

Vulnerability from fkie_nvd

Published

2024-09-04 14:15

Modified

2024-11-24 19:15

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) which are using Pulpcore version 3.0+ and could potentially enable unauthorized users to gain administrative access.

References

URL	Tags
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:6335	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:6336	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:6337	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:8906
secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2024-7923	Vendor Advisory
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=2305718	Issue Tracking

Impacted products

Vendor	Product	Version
redhat	satellite	6.13
redhat	satellite	6.14
redhat	satellite	6.15

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:satellite:6.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6532CA36-F59B-40E4-A6F6-0776CC4C3F78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:satellite:6.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CA2D218-9A55-4906-A5B8-5E7C4245370F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:satellite:6.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F12DC81-33E9-4693-8636-7A1AD20D5CA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache\u0027s mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) which are using Pulpcore version 3.0+ and could potentially enable unauthorized users to gain administrative access."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en Pulpcore cuando se implementa con versiones de Gunicorn anteriores a la 22.0, debido a la configuraci\u00f3n puppet-pulpcore. Este problema surge porque mod_proxy de Apache no anula los encabezados correctamente debido a las restricciones sobre los guiones bajos en los encabezados HTTP, lo que permite la autenticaci\u00f3n a trav\u00e9s de un encabezado mal formado. Esta falla afecta a todas las implementaciones de Satellite activas (6.13, 6.14 y 6.15) que utilizan la versi\u00f3n 3.0+ de Pulpcore y podr\u00eda permitir que usuarios no autorizados obtengan acceso administrativo."
    }
  ],
  "id": "CVE-2024-7923",
  "lastModified": "2024-11-24T19:15:05.933",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-09-04T14:15:14.800",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2024:6335"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2024:6336"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2024:6337"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:8906"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/security/cve/CVE-2024-7923"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305718"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}

CVE-2024-7923 (GCVE-0-2024-7923)

Vulnerability from cvelistv5

Published

2024-09-04 13:41

Modified

2025-06-19 14:10

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-287 - Improper Authentication

Summary

References

►

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:6335	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6336	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6337	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:8906	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-7923	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2305718	issue-tracking, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

►

Version: 0 < 22.0

Red Hat	Red Hat Satellite 6.13 for RHEL 8	Unaffected: 1:3.5.2.8-1.el8sat < * cpe:/a:redhat:satellite_capsule:6.13::el8 cpe:/a:redhat:satellite:6.13::el8 cpe:/a:redhat:satellite_utils:6.13::el8
Red Hat	Red Hat Satellite 6.13 for RHEL 8	Unaffected: 1:3.5.2.8-1.el8sat < * cpe:/a:redhat:satellite_capsule:6.13::el8 cpe:/a:redhat:satellite:6.13::el8 cpe:/a:redhat:satellite_utils:6.13::el8
Red Hat	Red Hat Satellite 6.14 for RHEL 8	Unaffected: 1:3.7.0.8-1.el8sat < * cpe:/a:redhat:satellite_utils:6.14::el8 cpe:/a:redhat:satellite:6.14::el8 cpe:/a:redhat:satellite_capsule:6.14::el8
Red Hat	Red Hat Satellite 6.14 for RHEL 8	Unaffected: 1:3.7.0.8-1.el8sat < * cpe:/a:redhat:satellite_utils:6.14::el8 cpe:/a:redhat:satellite:6.14::el8 cpe:/a:redhat:satellite_capsule:6.14::el8
Red Hat	Red Hat Satellite 6.15 for RHEL 8	Unaffected: 1:3.9.3.4-1.el8sat < * cpe:/a:redhat:satellite_capsule:6.15::el8 cpe:/a:redhat:satellite_utils:6.15::el8 cpe:/a:redhat:satellite:6.15::el8
Red Hat	Red Hat Satellite 6.15 for RHEL 8	Unaffected: 1:3.9.3.4-1.el8sat < * cpe:/a:redhat:satellite_capsule:6.15::el8 cpe:/a:redhat:satellite_utils:6.15::el8 cpe:/a:redhat:satellite:6.15::el8
Red Hat	Red Hat Satellite 6.16 for RHEL 8	Unaffected: 1:3.12.0.1-1.el8sat < * cpe:/a:redhat:satellite:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el8 cpe:/a:redhat:satellite_maintenance:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el9 cpe:/a:redhat:satellite_capsule:6.16::el9 cpe:/a:redhat:satellite_capsule:6.16::el8 cpe:/a:redhat:satellite_maintenance:6.16::el9 cpe:/a:redhat:satellite:6.16::el9
Red Hat	Red Hat Satellite 6.16 for RHEL 8	Unaffected: 1:3.12.0.1-1.el8sat < * cpe:/a:redhat:satellite:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el8 cpe:/a:redhat:satellite_maintenance:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el9 cpe:/a:redhat:satellite_capsule:6.16::el9 cpe:/a:redhat:satellite_capsule:6.16::el8 cpe:/a:redhat:satellite_maintenance:6.16::el9 cpe:/a:redhat:satellite:6.16::el9
Red Hat	Red Hat Satellite 6.16 for RHEL 9	Unaffected: 1:3.12.0.1-1.el9sat < * cpe:/a:redhat:satellite:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el8 cpe:/a:redhat:satellite_maintenance:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el9 cpe:/a:redhat:satellite_capsule:6.16::el9 cpe:/a:redhat:satellite_capsule:6.16::el8 cpe:/a:redhat:satellite_maintenance:6.16::el9 cpe:/a:redhat:satellite:6.16::el9
Red Hat	Red Hat Satellite 6.16 for RHEL 9	Unaffected: 1:3.12.0.1-1.el9sat < * cpe:/a:redhat:satellite:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el8 cpe:/a:redhat:satellite_maintenance:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el9 cpe:/a:redhat:satellite_capsule:6.16::el9 cpe:/a:redhat:satellite_capsule:6.16::el8 cpe:/a:redhat:satellite_maintenance:6.16::el9 cpe:/a:redhat:satellite:6.16::el9
Red Hat	Red Hat Update Infrastructure 4 for Cloud Providers	cpe:/a:redhat:rhui:4::el8
Red Hat	Red Hat Update Infrastructure 4 for Cloud Providers	cpe:/a:redhat:rhui:4::el8
Red Hat	Red Hat Update Infrastructure 4 for Cloud Providers	cpe:/a:redhat:rhui:4::el8

Show details on NVD website