Main Vulnerability Database SB2022062203

SB2022062203 - SUSE update for SUSE Manager Server 4.2

Published: June 22, 2022

Security Bulletin ID SB2022062203

CSH Severity

High

Patch available

YES

Number of vulnerabilities 3

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 3 vulnerabilities.

1) Resource exhaustion (CVE-ID: CVE-2021-44906)

CWE-ID: CWE-400 - Resource exhaustion

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.

2) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2022-21952)

CWE-ID: CWE-770 - Allocation of Resources Without Limits or Throttling

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the "/rhn/manager/frontend-log" script takes a text as a POST parameter and then it writes into the "/var/log/rhn/rhn_web_frontend.log" file. A remote non-authenticated attacker can send arbitrary amount of data to the application log and consume all available disk space, cause a denial of service condition.

3) Information Exposure Through an Error Message (CVE-ID: CVE-2022-31248)

CWE-ID: CWE-209 - Information Exposure Through an Error Message

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a remote attacker to enumerate email addresses of registered users.

The vulnerability exists due to the application in /rhn/help/ForgotCredentials.do exposes information about pretense of an email address of the registered user within the application. A remote non-authenticated attacker can enumerate email addresses of application users.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2022/suse-su-20222144-1/

Vulnerable Software

SUSE Linux Enterprise Module for SUSE Manager Server: 4.2
SUSE Manager Server: 4.2
inter-server-sync-debuginfo: before 0.2.2-150300.8.17.1
inter-server-sync: before 0.2.2-150300.8.17.1
prometheus-formula: before 0.6.2-150300.3.14.1
salt-netapi-client: before 0.19.0-150300.3.6.1
virtual-host-gatherer-libcloud: before 1.0.23-150300.3.3.1
virtual-host-gatherer-VMware: before 1.0.23-150300.3.3.1
virtual-host-gatherer-Nutanix: before 1.0.23-150300.3.3.1
virtual-host-gatherer-Kubernetes: before 1.0.23-150300.3.3.1
virtual-host-gatherer: before 1.0.23-150300.3.3.1
supportutils-plugin-salt: before 1.2.0-150300.3.3.1
smdba: before 1.7.10-0.150300.3.6.1
susemanager-sync-data: before 4.2.12-150300.3.18.3
spacewalk-utils-extras: before 4.2.16-150300.3.15.5
spacewalk-utils: before 4.2.16-150300.3.15.5
python3-spacewalk-certs-tools: before 4.2.16-150300.3.18.3
spacewalk-certs-tools: before 4.2.16-150300.3.18.3
spacecmd: before 4.2.17-150300.4.21.4
susemanager-schema: before 4.2.22-150300.3.21.6
spacewalk-backend-app: before 4.2.22-150300.4.23.1
spacewalk-backend-xmlrpc: before 4.2.22-150300.4.23.1
spacewalk-backend-xml-export-libs: before 4.2.22-150300.4.23.1
spacewalk-backend-iss-export: before 4.2.22-150300.4.23.1
spacewalk-backend: before 4.2.22-150300.4.23.1
spacewalk-backend-applet: before 4.2.22-150300.4.23.1
spacewalk-backend-config-files: before 4.2.22-150300.4.23.1
spacewalk-backend-config-files-common: before 4.2.22-150300.4.23.1
spacewalk-backend-config-files-tool: before 4.2.22-150300.4.23.1
spacewalk-backend-iss: before 4.2.22-150300.4.23.1
spacewalk-backend-tools: before 4.2.22-150300.4.23.1
spacewalk-backend-package-push-server: before 4.2.22-150300.4.23.1
spacewalk-backend-sql-postgresql: before 4.2.22-150300.4.23.1
spacewalk-backend-sql: before 4.2.22-150300.4.23.1
spacewalk-backend-server: before 4.2.22-150300.4.23.1
uyuni-config-modules: before 4.2.23-150300.3.25.4
susemanager-sls: before 4.2.23-150300.3.25.4
spacewalk-html: before 4.2.27-150300.3.21.7
spacewalk-base: before 4.2.27-150300.3.21.7
spacewalk-base-minimal: before 4.2.27-150300.3.21.7
spacewalk-base-minimal-config: before 4.2.27-150300.3.21.7
susemanager: before 4.2.32-150300.3.31.1
susemanager-tools: before 4.2.32-150300.3.31.1
spacewalk-java-lib: before 4.2.38-150300.3.35.1
spacewalk-java: before 4.2.38-150300.3.35.1
spacewalk-taskomatic: before 4.2.38-150300.3.35.1
spacewalk-java-postgresql: before 4.2.38-150300.3.35.1
spacewalk-java-config: before 4.2.38-150300.3.35.1
susemanager-docs_en-pdf: before 4.2-150300.12.27.1
susemanager-docs_en: before 4.2-150300.12.27.1
susemanager-doc-indexes: before 4.2-150300.12.27.6

SB2022062203 - SUSE update for SUSE Manager Server 4.2

Breakdown by Severity

Description

Remediation

References

Please verify you're human