Описание
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
Отчет
As this flaw allows a attacker from the local network to execute arbitrary code and it requires the pmproxy service to be running, which is not the default, it has been rated with an important severity. PCP, as shipped in Red Hat Enterprise Linux 6 and 7, is not affected by this vulnerability because the Redis server backend is not enabled and exposed via pmproxy. Additionally, RHEL9 is not exploitable if the redis:7 module is installed instead of the default Redis version 6.
Меры по смягчению последствий
To mitigate this flaw, stop and disable the pmproxy.service or disable the Redis server backend via the pmproxy configuration file. To stop and disable the pmproxy.service, run the following command:
To disable the Redis backend server via the pmproxy configuration file:
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | pcp | Not affected | ||
| Red Hat Enterprise Linux 7 | pcp | Not affected | ||
| Red Hat Enterprise Linux 8 | pcp | Fixed | RHSA-2024:3264 | 22.05.2024 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | pcp | Fixed | RHSA-2024:3392 | 28.05.2024 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | pcp | Fixed | RHSA-2024:3323 | 23.05.2024 |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | pcp | Fixed | RHSA-2024:3323 | 23.05.2024 |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | pcp | Fixed | RHSA-2024:3323 | 23.05.2024 |
| Red Hat Enterprise Linux 8.6 Extended Update Support | pcp | Fixed | RHSA-2024:3324 | 23.05.2024 |
| Red Hat Enterprise Linux 8.8 Extended Update Support | pcp | Fixed | RHSA-2024:3322 | 23.05.2024 |
| Red Hat Enterprise Linux 9 | pcp | Fixed | RHSA-2024:2566 | 30.04.2024 |
Показывать по
Дополнительная информация
Статус:
8.8 High
CVSS3
Связанные уязвимости
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
A flaw was found in PCP. The default pmproxy configuration exposes the ...
8.8 High
CVSS3