SUSE update for python-requests



Published: 2022-05-23
Risk High
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2018-18074
CWE-ID CWE-255
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Subscribe 		SUSE Linux Enterprise Server for SAP Applications
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing
Operating systems & Components / Operating system

SUSE Manager Tools
Operating systems & Components / Operating system

SUSE Linux Enterprise Server
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Advanced Systems Management
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability
Operating systems & Components / Operating system

SUSE OpenStack Cloud Crowbar
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP
Operating systems & Components / Operating system

HPE Helion Openstack
Operating systems & Components / Operating system

SUSE OpenStack Cloud
Operating systems & Components / Operating system

python3-requests
Operating systems & Components / Operating system package or component

python-requests
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Credentials management

EUVDB-ID: #VU19388

Risk: High

CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-18074

CWE-ID: CWE-255 - Credentials Management

Exploit availability: No

Description

The vulnerability allows a remote attacker to access sensitive information on a targeted system.

The vulnerability exists due to the software does not remove the HTTP Authorization header when following an HTTPS-to-HTTP redirect with the same hostname. A remote attacker who is able to perform a man-in-the-middle attack can sniff network traffic in transit between two systems on the targeted network and access sensitive information, such as user credentials.

Mitigation

Update the affected package python-requests to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications: 12-SP3 - 12-SP5

SUSE Linux Enterprise High Performance Computing: 12 - 12-SP4

SUSE Manager Tools: 12 BETA

SUSE Linux Enterprise Server: 12-SP2-BCL - 12-SP5

SUSE Linux Enterprise Module for Advanced Systems Management: 12

SUSE Linux Enterprise High Availability: 12-SP3 - 12-SP4

SUSE OpenStack Cloud Crowbar: 8 - 9

SUSE Linux Enterprise Server for SAP: 12-SP3 - 12-SP4

HPE Helion Openstack: 8

SUSE OpenStack Cloud: 8 - 9

python3-requests: before 2.11.1-6.31.1

python-requests: before 2.11.1-6.31.1

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20221819-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###