SUSE update for SUSE Manager Client Tools



Published: 2023-02-12
Risk Medium
Patch available YES
Number of vulnerabilities 6
CVE-ID CVE-2022-31123
CVE-2022-31130
CVE-2022-39201
CVE-2022-39229
CVE-2022-39306
CVE-2022-39307
CWE-ID CWE-347
CWE-200
CWE-287
CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		SUSE Manager Tools
Operating systems & Components / Operating system

spacewalk-client-tools
Operating systems & Components / Operating system package or component

spacewalk-client-setup
Operating systems & Components / Operating system package or component

spacewalk-check
Operating systems & Components / Operating system package or component

spacecmd
Operating systems & Components / Operating system package or component

python2-spacewalk-client-tools
Operating systems & Components / Operating system package or component

python2-spacewalk-client-setup
Operating systems & Components / Operating system package or component

python2-spacewalk-check
Operating systems & Components / Operating system package or component

python2-rhnlib
Operating systems & Components / Operating system package or component

python2-mgr-push
Operating systems & Components / Operating system package or component

python2-mgr-osad
Operating systems & Components / Operating system package or component

python2-mgr-osa-common
Operating systems & Components / Operating system package or component

mgr-push
Operating systems & Components / Operating system package or component

mgr-osad
Operating systems & Components / Operating system package or component

kiwi-desc-saltboot
Operating systems & Components / Operating system package or component

python2-uyuni-common-libs
Operating systems & Components / Operating system package or component

grafana
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Improper Verification of Cryptographic Signature

EUVDB-ID: #VU72128

Risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31123

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected instance.

The vulnerability exists due to missing signature verification mechanism. A remote attacker can trick the server admin into installing a malicious plugin even though unsigned plugins are not allowed.

Mitigation

Update the affected package SUSE Manager Client Tools to the latest version.

Vulnerable software versions

SUSE Manager Tools: 12 BETA

spacewalk-client-tools: before 4.3.14-52.83.1

spacewalk-client-setup: before 4.3.14-52.83.1

spacewalk-check: before 4.3.14-52.83.1

spacecmd: before 4.3.18-38.115.1

python2-spacewalk-client-tools: before 4.3.14-52.83.1

python2-spacewalk-client-setup: before 4.3.14-52.83.1

python2-spacewalk-check: before 4.3.14-52.83.1

python2-rhnlib: before 4.3.5-21.46.1

python2-mgr-push: before 4.3.5-1.24.1

python2-mgr-osad: before 4.3.7-1.42.1

python2-mgr-osa-common: before 4.3.7-1.42.1

mgr-push: before 4.3.5-1.24.1

mgr-osad: before 4.3.7-1.42.1

kiwi-desc-saltboot: before 0.1.1673279145.e7616bd-1.32.1

python2-uyuni-common-libs: before 4.3.7-1.30.1

grafana: before 8.5.15-1.39.1

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230352-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU72130

Risk: Medium

CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31130

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to the GitLab data source plugin leaks the API key to GitLab. A remote privileged user can expose Grafana authentication token to a third-party.

Mitigation

Update the affected package SUSE Manager Client Tools to the latest version.

Vulnerable software versions

SUSE Manager Tools: 12 BETA

spacewalk-client-tools: before 4.3.14-52.83.1

spacewalk-client-setup: before 4.3.14-52.83.1

spacewalk-check: before 4.3.14-52.83.1

spacecmd: before 4.3.18-38.115.1

python2-spacewalk-client-tools: before 4.3.14-52.83.1

python2-spacewalk-client-setup: before 4.3.14-52.83.1

python2-spacewalk-check: before 4.3.14-52.83.1

python2-rhnlib: before 4.3.5-21.46.1

python2-mgr-push: before 4.3.5-1.24.1

python2-mgr-osad: before 4.3.7-1.42.1

python2-mgr-osa-common: before 4.3.7-1.42.1

mgr-push: before 4.3.5-1.24.1

mgr-osad: before 4.3.7-1.42.1

kiwi-desc-saltboot: before 0.1.1673279145.e7616bd-1.32.1

python2-uyuni-common-libs: before 4.3.7-1.30.1

grafana: before 8.5.15-1.39.1

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230352-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU72131

Risk: Medium

CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-39201

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to Grafana leaks the authentication cookie of users to plugins. A remote user can gain unauthorized access to sensitive information.

Mitigation

Update the affected package SUSE Manager Client Tools to the latest version.

Vulnerable software versions

SUSE Manager Tools: 12 BETA

spacewalk-client-tools: before 4.3.14-52.83.1

spacewalk-client-setup: before 4.3.14-52.83.1

spacewalk-check: before 4.3.14-52.83.1

spacecmd: before 4.3.18-38.115.1

python2-spacewalk-client-tools: before 4.3.14-52.83.1

python2-spacewalk-client-setup: before 4.3.14-52.83.1

python2-spacewalk-check: before 4.3.14-52.83.1

python2-rhnlib: before 4.3.5-21.46.1

python2-mgr-push: before 4.3.5-1.24.1

python2-mgr-osad: before 4.3.7-1.42.1

python2-mgr-osa-common: before 4.3.7-1.42.1

mgr-push: before 4.3.5-1.24.1

mgr-osad: before 4.3.7-1.42.1

kiwi-desc-saltboot: before 0.1.1673279145.e7616bd-1.32.1

python2-uyuni-common-libs: before 4.3.7-1.30.1

grafana: before 8.5.15-1.39.1

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230352-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper Authentication

EUVDB-ID: #VU72132

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-39229

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to deny access to the application.

The vulnerability exists due to a logic error in the authentication process, where application allows usage of the same email address by different accounts. A remote user can set an existing email address that belongs to another user as their username and prevent that user from accessing the application.

Mitigation

Update the affected package SUSE Manager Client Tools to the latest version.

Vulnerable software versions

SUSE Manager Tools: 12 BETA

spacewalk-client-tools: before 4.3.14-52.83.1

spacewalk-client-setup: before 4.3.14-52.83.1

spacewalk-check: before 4.3.14-52.83.1

spacecmd: before 4.3.18-38.115.1

python2-spacewalk-client-tools: before 4.3.14-52.83.1

python2-spacewalk-client-setup: before 4.3.14-52.83.1

python2-spacewalk-check: before 4.3.14-52.83.1

python2-rhnlib: before 4.3.5-21.46.1

python2-mgr-push: before 4.3.5-1.24.1

python2-mgr-osad: before 4.3.7-1.42.1

python2-mgr-osa-common: before 4.3.7-1.42.1

mgr-push: before 4.3.5-1.24.1

mgr-osad: before 4.3.7-1.42.1

kiwi-desc-saltboot: before 0.1.1673279145.e7616bd-1.32.1

python2-uyuni-common-libs: before 4.3.7-1.30.1

grafana: before 8.5.15-1.39.1

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230352-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Input validation error

EUVDB-ID: #VU69484

Risk: Medium

CVSSv3.1: 5.6 [CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-39306

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to insufficient validation of user-supplied input. A remote user can use the invitation link to sign up with an arbitrary username/email with a malicious intent.

Mitigation

Update the affected package SUSE Manager Client Tools to the latest version.

Vulnerable software versions

SUSE Manager Tools: 12 BETA

spacewalk-client-tools: before 4.3.14-52.83.1

spacewalk-client-setup: before 4.3.14-52.83.1

spacewalk-check: before 4.3.14-52.83.1

spacecmd: before 4.3.18-38.115.1

python2-spacewalk-client-tools: before 4.3.14-52.83.1

python2-spacewalk-client-setup: before 4.3.14-52.83.1

python2-spacewalk-check: before 4.3.14-52.83.1

python2-rhnlib: before 4.3.5-21.46.1

python2-mgr-push: before 4.3.5-1.24.1

python2-mgr-osad: before 4.3.7-1.42.1

python2-mgr-osa-common: before 4.3.7-1.42.1

mgr-push: before 4.3.5-1.24.1

mgr-osad: before 4.3.7-1.42.1

kiwi-desc-saltboot: before 0.1.1673279145.e7616bd-1.32.1

python2-uyuni-common-libs: before 4.3.7-1.30.1

grafana: before 8.5.15-1.39.1

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230352-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Information disclosure

EUVDB-ID: #VU69485

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-39307

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application when using the forget password on the login page. A remote attacker can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected package SUSE Manager Client Tools to the latest version.

Vulnerable software versions

SUSE Manager Tools: 12 BETA

spacewalk-client-tools: before 4.3.14-52.83.1

spacewalk-client-setup: before 4.3.14-52.83.1

spacewalk-check: before 4.3.14-52.83.1

spacecmd: before 4.3.18-38.115.1

python2-spacewalk-client-tools: before 4.3.14-52.83.1

python2-spacewalk-client-setup: before 4.3.14-52.83.1

python2-spacewalk-check: before 4.3.14-52.83.1

python2-rhnlib: before 4.3.5-21.46.1

python2-mgr-push: before 4.3.5-1.24.1

python2-mgr-osad: before 4.3.7-1.42.1

python2-mgr-osa-common: before 4.3.7-1.42.1

mgr-push: before 4.3.5-1.24.1

mgr-osad: before 4.3.7-1.42.1

kiwi-desc-saltboot: before 0.1.1673279145.e7616bd-1.32.1

python2-uyuni-common-libs: before 4.3.7-1.30.1

grafana: before 8.5.15-1.39.1

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20230352-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###