Ecosyste.ms: Advisories

Security Advisories: GSA_kwCzR0hTQS01eHYyLXE0NzUtcndyaM4AAfRW

Katello uses hard coded credential

The installation script in Katello 1.0 and earlier does not properly generate the Application.config.secret_token value, which causes each default installation to have the same secret token, and allows remote attackers to authenticate to the CloudForms System Engine web interface as an arbitrary user by creating a cookie using the default secret_token.

Permalink: https://github.com/advisories/GHSA-5xv2-q475-rwrh
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS01eHYyLXE0NzUtcndyaM4AAfRW
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: almost 2 years ago
Updated: 17 days ago

CVSS Score: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Identifiers: GHSA-5xv2-q475-rwrh, CVE-2012-3503
References:

• https://nvd.nist.gov/vuln/detail/CVE-2012-3503
• https://github.com/Katello/katello/pull/499
• https://github.com/Katello/katello/commit/7c256fef9d75029d0ffff58ff1dcda915056d3a3
• http://rhn.redhat.com/errata/RHSA-2012-1186.html
• http://rhn.redhat.com/errata/RHSA-2012-1187.html
• https://web.archive.org/web/20140806122239/http://secunia.com/advisories/50344
• https://web.archive.org/web/20200229120740/http://www.securityfocus.com/bid/55140
• https://github.com/advisories/GHSA-5xv2-q475-rwrh
• https://github.com/rubysec/ruby-advisory-db/blob/master/gems/katello/CVE-2012-3503.yml

Repository: https://github.com/Katello/katello
Blast Radius: 9.8

Affected Packages