Description
An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. The issue arises because Apache's mod_proxy does not properly unset headers, owing to restrictions on underscores in HTTP header names, which allows authentication through a malformed header. This flaw affects all active Satellite deployments (6.13, 6.14 and 6.15) that use Pulpcore version 3.0+ and could allow unauthorized users to gain administrative access.
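The following is an added example (not code from the advisory, Pulp, or puppet-pulpcore) that models the header-handling problem described above in a few lines of Python: a WSGI-style server folds both `X-Trusted-User` and `X_Trusted_User` into the same `HTTP_X_TRUSTED_USER` environ key, so a reverse-proxy rule that unsets only the dashed spelling leaves the underscored spelling in place, while dropping underscore header names at the application server (comparable to the default behaviour Gunicorn 22.0 introduced) closes the gap. The header name `X-Trusted-User`, the `satellite.example` host and the request headers are constructed for illustration; the advisory does not name the real header.

```python
"""
Added example, not from the advisory or the Pulp project.

Models three stages of a request path:
  1. a reverse proxy that unsets one trusted header by its dashed name,
  2. a WSGI server folding header names into CGI-style environ keys,
  3. an application that trusts the environ key the proxy is supposed to control.
The header name X-Trusted-User is an assumption chosen for illustration.
"""

# Assumed header name; the advisory does not state which header is trusted.
TRUSTED_HEADER = "X-Trusted-User"


def environ_key(header_name):
    """CGI/WSGI folding: upper-case, '-' becomes '_', prefixed with HTTP_."""
    return "HTTP_" + header_name.upper().replace("-", "_")


def proxy_unset(headers, name):
    """Model of a proxy 'unset <name>' rule: it removes only an exact,
    case-insensitive match on the dashed spelling. headers is a list of
    (name, value) pairs as received from the client."""
    return [(n, v) for n, v in headers if n.lower() != name.lower()]


def wsgi_environ_naive(headers):
    """Folding with no underscore check: 'X_Trusted_User' and 'X-Trusted-User'
    both land on HTTP_X_TRUSTED_USER, so a header the proxy never saw as the
    trusted name still reaches the application under the trusted key."""
    env = {}
    for n, v in headers:
        env[environ_key(n)] = v
    return env


def wsgi_environ_hardened(headers):
    """Folding that drops any header whose raw name contains '_' before it can
    collide with a dashed name (comparable to Gunicorn 22.0 dropping such
    headers by default). Only dashed spellings, which the proxy can unset,
    are ever folded."""
    env = {}
    for n, v in headers:
        if "_" in n:
            continue  # dropped: never folded, never trusted
        env[environ_key(n)] = v
    return env


def underscore_headers(headers):
    """Defender-side check: list raw header names containing '_' so a proxy
    access log or request capture can be screened for them."""
    return [n for n, _ in headers if "_" in n]


def authenticated_user(environ):
    """Application side: trust the environ key the proxy is meant to control."""
    return environ.get(environ_key(TRUSTED_HEADER))


# Constructed request: a client sends the trusted header in both spellings.
CLIENT_HEADERS = [
    ("Host", "satellite.example"),
    ("X-Trusted-User", "admin"),
    ("X_Trusted_User", "admin"),
]


def resolve_user(normalise, headers=CLIENT_HEADERS):
    """Run the constructed request through proxy rule, folding and application."""
    after_proxy = proxy_unset(headers, TRUSTED_HEADER)
    return authenticated_user(normalise(after_proxy))


if __name__ == "__main__":
    # The proxy rule strips the dashed spelling only.
    print("after proxy:", proxy_unset(CLIENT_HEADERS, TRUSTED_HEADER))
    # Naive folding lets the underscored spelling become the trusted key.
    print("naive folding authenticates:", resolve_user(wsgi_environ_naive))
    # Hardened folding drops it, so no user is derived from the request.
    print("hardened folding authenticates:", resolve_user(wsgi_environ_hardened))
    print("underscore header names seen:", underscore_headers(CLIENT_HEADERS))
```

`underscore_headers` is the piece a practitioner can reuse directly: any header name containing an underscore that arrives at the application server is, in a setup like the one described, a name the proxy's unset rule could not have matched, which makes its presence worth logging while the Gunicorn and installer updates are rolled out.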
Statement
This vulnerability is rated as Critical severity because this flaw allows attackers to gain unauthorized administrative access. There is no threat to users of RHUI because there is no public access to Pulp by RHUI users.
Mitigation
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Affected packages
| Platform | Package | State | Advisory | Release date |
|---|---|---|---|---|
| Red Hat Update Infrastructure 4 for Cloud Providers | pulpcore-selinux | Not affected | | |
| Red Hat Update Infrastructure 4 for Cloud Providers | python-pulpcore | Not affected | | |
| Red Hat Update Infrastructure 4 for Cloud Providers | python-pulpcore-client | Not affected | | |
| Red Hat Satellite 6.13 for RHEL 8 | foreman-installer | Fixed | RHSA-2024:6337 | 04.09.2024 |
| Red Hat Satellite 6.14 for RHEL 8 | foreman-installer | Fixed | RHSA-2024:6336 | 04.09.2024 |
| Red Hat Satellite 6.15 for RHEL 8 | foreman-installer | Fixed | RHSA-2024:6335 | 04.09.2024 |
| Red Hat Satellite 6.16 for RHEL 8 | foreman-installer | Fixed | RHSA-2024:8906 | 05.11.2024 |
Additional information
CVSS3: 9.8 Critical
Related vulnerabilities
Vulnerability in the Pulpcore component of Red Hat Satellite, the platform for centralized product lifecycle management, related to flaws in the authentication procedure, allowing an attacker to bypass authentication.
CVSS3: 9.8 Critical