SB2022062201 - Multiple vulnerabilities in Uyuni SUSE Manager

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Information Exposure Through an Error Message (CVE-ID: CVE-2022-31248)

The vulnerability allows a remote attacker to enumerate email addresses of registered users.

The vulnerability exists due to the application in /rhn/help/ForgotCredentials.do exposes information about pretense of an email address of the registered user within the application. A remote non-authenticated attacker can enumerate email addresses of application users.

2) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2022-21952)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the "/rhn/manager/frontend-log" script takes a text as a POST parameter and then it writes into the "/var/log/rhn/rhn_web_frontend.log" file. A remote non-authenticated attacker can send arbitrary amount of data to the application log and consume all available disk space, cause a denial of service condition.

Remediation

Install update from vendor's website.

References

• https://bugzilla.suse.com/show_bug.cgi?id=1199629
• https://bugzilla.suse.com/show_bug.cgi?id=1199512