RHEL 7 : Satellite 6.5 Release (Moderate) (RHSA-2019:1222)

high Nessus Plugin ID 125052

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1222 advisory.

Red Hat Satellite is a systems management tool for Linux-based infrastructure.
It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.

Security Fix(es):

* RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack (CVE-2016-6346)

* pulp: Improper path parsing leads to overwriting of iso repositories (CVE-2018-10917)

* foreman: Persisted XSS on all pages that use breadcrumbs (CVE-2018-14664)

* foreman: stored XSS in success notification after entity creation (CVE-2018-16861)

* katello: stored XSS in subscriptions and repositories pages (CVE-2018-16887)

* candlepin: credentials exposure through log files (CVE-2019-3891)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?10fe82b0

http://www.nessus.org/u?2dfff19c

https://access.redhat.com/errata/RHSA-2019:1222

https://access.redhat.com/security/updates/classification/#moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1143987

https://bugzilla.redhat.com/show_bug.cgi?id=1155811

https://bugzilla.redhat.com/show_bug.cgi?id=1170174

https://bugzilla.redhat.com/show_bug.cgi?id=1232475

https://bugzilla.redhat.com/show_bug.cgi?id=1233431

https://bugzilla.redhat.com/show_bug.cgi?id=1267766

https://bugzilla.redhat.com/show_bug.cgi?id=1305040

https://bugzilla.redhat.com/show_bug.cgi?id=1335621

https://bugzilla.redhat.com/show_bug.cgi?id=1339743

https://bugzilla.redhat.com/show_bug.cgi?id=1356126

https://bugzilla.redhat.com/show_bug.cgi?id=1372120

https://bugzilla.redhat.com/show_bug.cgi?id=1396974

https://bugzilla.redhat.com/show_bug.cgi?id=1397590

https://bugzilla.redhat.com/show_bug.cgi?id=1402134

https://bugzilla.redhat.com/show_bug.cgi?id=1408782

https://bugzilla.redhat.com/show_bug.cgi?id=1418026

https://bugzilla.redhat.com/show_bug.cgi?id=1438030

https://bugzilla.redhat.com/show_bug.cgi?id=1445070

https://bugzilla.redhat.com/show_bug.cgi?id=1447963

https://bugzilla.redhat.com/show_bug.cgi?id=1449290

https://bugzilla.redhat.com/show_bug.cgi?id=1451277

https://bugzilla.redhat.com/show_bug.cgi?id=1458898

https://bugzilla.redhat.com/show_bug.cgi?id=1468557

https://bugzilla.redhat.com/show_bug.cgi?id=1470987

https://bugzilla.redhat.com/show_bug.cgi?id=1476379

https://bugzilla.redhat.com/show_bug.cgi?id=1476938

https://bugzilla.redhat.com/show_bug.cgi?id=1481315

https://bugzilla.redhat.com/show_bug.cgi?id=1488235

https://bugzilla.redhat.com/show_bug.cgi?id=1488475

https://bugzilla.redhat.com/show_bug.cgi?id=1489252

https://bugzilla.redhat.com/show_bug.cgi?id=1489379

https://bugzilla.redhat.com/show_bug.cgi?id=1489486

https://bugzilla.redhat.com/show_bug.cgi?id=1492848

https://bugzilla.redhat.com/show_bug.cgi?id=1495308

https://bugzilla.redhat.com/show_bug.cgi?id=1500972

https://bugzilla.redhat.com/show_bug.cgi?id=1501683

https://bugzilla.redhat.com/show_bug.cgi?id=1501927

https://bugzilla.redhat.com/show_bug.cgi?id=1502752

https://bugzilla.redhat.com/show_bug.cgi?id=1508169

https://bugzilla.redhat.com/show_bug.cgi?id=1514013

https://bugzilla.redhat.com/show_bug.cgi?id=1515082

https://bugzilla.redhat.com/show_bug.cgi?id=1515671

https://bugzilla.redhat.com/show_bug.cgi?id=1516803

https://bugzilla.redhat.com/show_bug.cgi?id=1517084

https://bugzilla.redhat.com/show_bug.cgi?id=1517706

https://bugzilla.redhat.com/show_bug.cgi?id=1519779

https://bugzilla.redhat.com/show_bug.cgi?id=1523147

https://bugzilla.redhat.com/show_bug.cgi?id=1523433

https://bugzilla.redhat.com/show_bug.cgi?id=1523940

https://bugzilla.redhat.com/show_bug.cgi?id=1528524

https://bugzilla.redhat.com/show_bug.cgi?id=1532675

https://bugzilla.redhat.com/show_bug.cgi?id=1534608

https://bugzilla.redhat.com/show_bug.cgi?id=1534967

https://bugzilla.redhat.com/show_bug.cgi?id=1537266

https://bugzilla.redhat.com/show_bug.cgi?id=1538688

https://bugzilla.redhat.com/show_bug.cgi?id=1541393

https://bugzilla.redhat.com/show_bug.cgi?id=1545364

https://bugzilla.redhat.com/show_bug.cgi?id=1547821

https://bugzilla.redhat.com/show_bug.cgi?id=1549088

https://bugzilla.redhat.com/show_bug.cgi?id=1549761

https://bugzilla.redhat.com/show_bug.cgi?id=1552142

https://bugzilla.redhat.com/show_bug.cgi?id=1552159

https://bugzilla.redhat.com/show_bug.cgi?id=1552200

https://bugzilla.redhat.com/show_bug.cgi?id=1553105

https://bugzilla.redhat.com/show_bug.cgi?id=1554421

https://bugzilla.redhat.com/show_bug.cgi?id=1557436

https://bugzilla.redhat.com/show_bug.cgi?id=1639676

https://bugzilla.redhat.com/show_bug.cgi?id=1640628

https://bugzilla.redhat.com/show_bug.cgi?id=1640644

https://bugzilla.redhat.com/show_bug.cgi?id=1640686

https://bugzilla.redhat.com/show_bug.cgi?id=1641017

https://bugzilla.redhat.com/show_bug.cgi?id=1641266

https://bugzilla.redhat.com/show_bug.cgi?id=1641785

https://bugzilla.redhat.com/show_bug.cgi?id=1641864

https://bugzilla.redhat.com/show_bug.cgi?id=1642088

https://bugzilla.redhat.com/show_bug.cgi?id=1642496

https://bugzilla.redhat.com/show_bug.cgi?id=1642549

https://bugzilla.redhat.com/show_bug.cgi?id=1643130

https://bugzilla.redhat.com/show_bug.cgi?id=1643432

https://bugzilla.redhat.com/show_bug.cgi?id=1643740

https://bugzilla.redhat.com/show_bug.cgi?id=1643818

https://bugzilla.redhat.com/show_bug.cgi?id=1643871

https://bugzilla.redhat.com/show_bug.cgi?id=1644127

https://bugzilla.redhat.com/show_bug.cgi?id=1644144

https://bugzilla.redhat.com/show_bug.cgi?id=1644189

https://bugzilla.redhat.com/show_bug.cgi?id=1644191

https://bugzilla.redhat.com/show_bug.cgi?id=1644192

https://bugzilla.redhat.com/show_bug.cgi?id=1644208

https://bugzilla.redhat.com/show_bug.cgi?id=1644354

https://bugzilla.redhat.com/show_bug.cgi?id=1644571

https://bugzilla.redhat.com/show_bug.cgi?id=1644586

https://bugzilla.redhat.com/show_bug.cgi?id=1644593

https://bugzilla.redhat.com/show_bug.cgi?id=1644596

https://bugzilla.redhat.com/show_bug.cgi?id=1644618

https://bugzilla.redhat.com/show_bug.cgi?id=1644823

https://bugzilla.redhat.com/show_bug.cgi?id=1645017

https://bugzilla.redhat.com/show_bug.cgi?id=1645057

https://bugzilla.redhat.com/show_bug.cgi?id=1645144

https://bugzilla.redhat.com/show_bug.cgi?id=1645174

https://bugzilla.redhat.com/show_bug.cgi?id=1645190

https://bugzilla.redhat.com/show_bug.cgi?id=1645201

https://bugzilla.redhat.com/show_bug.cgi?id=1645365

https://bugzilla.redhat.com/show_bug.cgi?id=1645372

https://bugzilla.redhat.com/show_bug.cgi?id=1645396

https://bugzilla.redhat.com/show_bug.cgi?id=1645398

https://bugzilla.redhat.com/show_bug.cgi?id=1645587

https://bugzilla.redhat.com/show_bug.cgi?id=1645737

https://bugzilla.redhat.com/show_bug.cgi?id=1646184

https://bugzilla.redhat.com/show_bug.cgi?id=1646409

https://bugzilla.redhat.com/show_bug.cgi?id=1646603

https://bugzilla.redhat.com/show_bug.cgi?id=1646988

https://bugzilla.redhat.com/show_bug.cgi?id=1647216

https://bugzilla.redhat.com/show_bug.cgi?id=1647582

https://bugzilla.redhat.com/show_bug.cgi?id=1647631

https://bugzilla.redhat.com/show_bug.cgi?id=1647762

https://bugzilla.redhat.com/show_bug.cgi?id=1647799

https://bugzilla.redhat.com/show_bug.cgi?id=1647938

https://bugzilla.redhat.com/show_bug.cgi?id=1648121

https://bugzilla.redhat.com/show_bug.cgi?id=1648252

https://bugzilla.redhat.com/show_bug.cgi?id=1648331

https://bugzilla.redhat.com/show_bug.cgi?id=1648344

https://bugzilla.redhat.com/show_bug.cgi?id=1648358

https://bugzilla.redhat.com/show_bug.cgi?id=1648473

https://bugzilla.redhat.com/show_bug.cgi?id=1648506

https://bugzilla.redhat.com/show_bug.cgi?id=1648903

https://bugzilla.redhat.com/show_bug.cgi?id=1649040

https://bugzilla.redhat.com/show_bug.cgi?id=1649231

https://bugzilla.redhat.com/show_bug.cgi?id=1649471

https://bugzilla.redhat.com/show_bug.cgi?id=1649766

https://bugzilla.redhat.com/show_bug.cgi?id=1649800

https://bugzilla.redhat.com/show_bug.cgi?id=1649866

https://bugzilla.redhat.com/show_bug.cgi?id=1649871

https://bugzilla.redhat.com/show_bug.cgi?id=1649938

https://bugzilla.redhat.com/show_bug.cgi?id=1649961

https://bugzilla.redhat.com/show_bug.cgi?id=1650063

https://bugzilla.redhat.com/show_bug.cgi?id=1650259

https://bugzilla.redhat.com/show_bug.cgi?id=1650543

https://bugzilla.redhat.com/show_bug.cgi?id=1650624

https://bugzilla.redhat.com/show_bug.cgi?id=1650662

https://bugzilla.redhat.com/show_bug.cgi?id=1560978

https://bugzilla.redhat.com/show_bug.cgi?id=1561249

https://bugzilla.redhat.com/show_bug.cgi?id=1561691

https://bugzilla.redhat.com/show_bug.cgi?id=1561990

https://bugzilla.redhat.com/show_bug.cgi?id=1563529

https://bugzilla.redhat.com/show_bug.cgi?id=1564867

https://bugzilla.redhat.com/show_bug.cgi?id=1565903

https://bugzilla.redhat.com/show_bug.cgi?id=1566000

https://bugzilla.redhat.com/show_bug.cgi?id=1566092

https://bugzilla.redhat.com/show_bug.cgi?id=1566166

https://bugzilla.redhat.com/show_bug.cgi?id=1566540

https://bugzilla.redhat.com/show_bug.cgi?id=1566543

https://bugzilla.redhat.com/show_bug.cgi?id=1568063

https://bugzilla.redhat.com/show_bug.cgi?id=1568700

https://bugzilla.redhat.com/show_bug.cgi?id=1568838

https://bugzilla.redhat.com/show_bug.cgi?id=1568848

https://bugzilla.redhat.com/show_bug.cgi?id=1569395

https://bugzilla.redhat.com/show_bug.cgi?id=1571889

https://bugzilla.redhat.com/show_bug.cgi?id=1571913

https://bugzilla.redhat.com/show_bug.cgi?id=1574257

https://bugzilla.redhat.com/show_bug.cgi?id=1575766

https://bugzilla.redhat.com/show_bug.cgi?id=1577014

https://bugzilla.redhat.com/show_bug.cgi?id=1577966

https://bugzilla.redhat.com/show_bug.cgi?id=1578021

https://bugzilla.redhat.com/show_bug.cgi?id=1578022

https://bugzilla.redhat.com/show_bug.cgi?id=1578470

https://bugzilla.redhat.com/show_bug.cgi?id=1579876

https://bugzilla.redhat.com/show_bug.cgi?id=1582210

https://bugzilla.redhat.com/show_bug.cgi?id=1582293

https://bugzilla.redhat.com/show_bug.cgi?id=1582484

https://bugzilla.redhat.com/show_bug.cgi?id=1583318

https://bugzilla.redhat.com/show_bug.cgi?id=1584162

https://bugzilla.redhat.com/show_bug.cgi?id=1585410

https://bugzilla.redhat.com/show_bug.cgi?id=1586271

https://bugzilla.redhat.com/show_bug.cgi?id=1586336

https://bugzilla.redhat.com/show_bug.cgi?id=1589515

https://bugzilla.redhat.com/show_bug.cgi?id=1589625

https://bugzilla.redhat.com/show_bug.cgi?id=1589736

https://bugzilla.redhat.com/show_bug.cgi?id=1591731

https://bugzilla.redhat.com/show_bug.cgi?id=1592570

https://bugzilla.redhat.com/show_bug.cgi?id=1593253

https://bugzilla.redhat.com/show_bug.cgi?id=1593647

https://bugzilla.redhat.com/show_bug.cgi?id=1594289

https://bugzilla.redhat.com/show_bug.cgi?id=1594882

https://bugzilla.redhat.com/show_bug.cgi?id=1595784

https://bugzilla.redhat.com/show_bug.cgi?id=1595924

https://bugzilla.redhat.com/show_bug.cgi?id=1596372

https://bugzilla.redhat.com/show_bug.cgi?id=1596504

https://bugzilla.redhat.com/show_bug.cgi?id=1596885

https://bugzilla.redhat.com/show_bug.cgi?id=1597035

https://bugzilla.redhat.com/show_bug.cgi?id=1597089

https://bugzilla.redhat.com/show_bug.cgi?id=1597208

https://bugzilla.redhat.com/show_bug.cgi?id=1597968

https://bugzilla.redhat.com/show_bug.cgi?id=1598928

https://bugzilla.redhat.com/show_bug.cgi?id=1599303

https://bugzilla.redhat.com/show_bug.cgi?id=1600095

https://bugzilla.redhat.com/show_bug.cgi?id=1600450

https://bugzilla.redhat.com/show_bug.cgi?id=1600710

https://bugzilla.redhat.com/show_bug.cgi?id=1601155

https://bugzilla.redhat.com/show_bug.cgi?id=1601762

https://bugzilla.redhat.com/show_bug.cgi?id=1602110

https://bugzilla.redhat.com/show_bug.cgi?id=1602367

https://bugzilla.redhat.com/show_bug.cgi?id=1603185

https://bugzilla.redhat.com/show_bug.cgi?id=1603219

https://bugzilla.redhat.com/show_bug.cgi?id=1606236

https://bugzilla.redhat.com/show_bug.cgi?id=1606369

https://bugzilla.redhat.com/show_bug.cgi?id=1607207

https://bugzilla.redhat.com/show_bug.cgi?id=1607845

https://bugzilla.redhat.com/show_bug.cgi?id=1608400

https://bugzilla.redhat.com/show_bug.cgi?id=1609567

https://bugzilla.redhat.com/show_bug.cgi?id=1612921

https://bugzilla.redhat.com/show_bug.cgi?id=1612959

https://bugzilla.redhat.com/show_bug.cgi?id=1613304

https://bugzilla.redhat.com/show_bug.cgi?id=1613679

https://bugzilla.redhat.com/show_bug.cgi?id=1614768

https://bugzilla.redhat.com/show_bug.cgi?id=1614927

https://bugzilla.redhat.com/show_bug.cgi?id=1615800

https://bugzilla.redhat.com/show_bug.cgi?id=1616153

https://bugzilla.redhat.com/show_bug.cgi?id=1618485

https://bugzilla.redhat.com/show_bug.cgi?id=1618811

https://bugzilla.redhat.com/show_bug.cgi?id=1618868

https://bugzilla.redhat.com/show_bug.cgi?id=1618872

https://bugzilla.redhat.com/show_bug.cgi?id=1619284

https://bugzilla.redhat.com/show_bug.cgi?id=1620179

https://bugzilla.redhat.com/show_bug.cgi?id=1622802

https://bugzilla.redhat.com/show_bug.cgi?id=1623277

https://bugzilla.redhat.com/show_bug.cgi?id=1623937

https://bugzilla.redhat.com/show_bug.cgi?id=1624401

https://bugzilla.redhat.com/show_bug.cgi?id=1624416

https://bugzilla.redhat.com/show_bug.cgi?id=1624479

https://bugzilla.redhat.com/show_bug.cgi?id=1625109

https://bugzilla.redhat.com/show_bug.cgi?id=1625174

https://bugzilla.redhat.com/show_bug.cgi?id=1625649

https://bugzilla.redhat.com/show_bug.cgi?id=1625965

https://bugzilla.redhat.com/show_bug.cgi?id=1626113

https://bugzilla.redhat.com/show_bug.cgi?id=1626114

https://bugzilla.redhat.com/show_bug.cgi?id=1626119

https://bugzilla.redhat.com/show_bug.cgi?id=1626138

https://bugzilla.redhat.com/show_bug.cgi?id=1626178

https://bugzilla.redhat.com/show_bug.cgi?id=1626494

https://bugzilla.redhat.com/show_bug.cgi?id=1626956

https://bugzilla.redhat.com/show_bug.cgi?id=1627640

https://bugzilla.redhat.com/show_bug.cgi?id=1628488

https://bugzilla.redhat.com/show_bug.cgi?id=1628505

https://bugzilla.redhat.com/show_bug.cgi?id=1628544

https://bugzilla.redhat.com/show_bug.cgi?id=1628561

https://bugzilla.redhat.com/show_bug.cgi?id=1628638

https://bugzilla.redhat.com/show_bug.cgi?id=1629564

https://bugzilla.redhat.com/show_bug.cgi?id=1631019

https://bugzilla.redhat.com/show_bug.cgi?id=1631299

https://bugzilla.redhat.com/show_bug.cgi?id=1632111

https://bugzilla.redhat.com/show_bug.cgi?id=1632626

https://bugzilla.redhat.com/show_bug.cgi?id=1633236

https://bugzilla.redhat.com/show_bug.cgi?id=1633347

https://bugzilla.redhat.com/show_bug.cgi?id=1633360

https://bugzilla.redhat.com/show_bug.cgi?id=1633937

https://bugzilla.redhat.com/show_bug.cgi?id=1635364

https://bugzilla.redhat.com/show_bug.cgi?id=1635540

https://bugzilla.redhat.com/show_bug.cgi?id=1635680

https://bugzilla.redhat.com/show_bug.cgi?id=1636052

https://bugzilla.redhat.com/show_bug.cgi?id=1636446

https://bugzilla.redhat.com/show_bug.cgi?id=1637042

https://bugzilla.redhat.com/show_bug.cgi?id=1637431

https://bugzilla.redhat.com/show_bug.cgi?id=1637436

https://bugzilla.redhat.com/show_bug.cgi?id=1637883

https://bugzilla.redhat.com/show_bug.cgi?id=1637955

https://bugzilla.redhat.com/show_bug.cgi?id=1638130

https://bugzilla.redhat.com/show_bug.cgi?id=1638223

https://bugzilla.redhat.com/show_bug.cgi?id=1638781

https://bugzilla.redhat.com/show_bug.cgi?id=1638866

https://bugzilla.redhat.com/show_bug.cgi?id=1638906

https://bugzilla.redhat.com/show_bug.cgi?id=1639352

https://bugzilla.redhat.com/show_bug.cgi?id=1639406

https://bugzilla.redhat.com/show_bug.cgi?id=1651189

https://bugzilla.redhat.com/show_bug.cgi?id=1651242

https://bugzilla.redhat.com/show_bug.cgi?id=1651324

https://bugzilla.redhat.com/show_bug.cgi?id=1651367

https://bugzilla.redhat.com/show_bug.cgi?id=1651634

https://bugzilla.redhat.com/show_bug.cgi?id=1651774

https://bugzilla.redhat.com/show_bug.cgi?id=1651852

https://bugzilla.redhat.com/show_bug.cgi?id=1651916

https://bugzilla.redhat.com/show_bug.cgi?id=1651981

https://bugzilla.redhat.com/show_bug.cgi?id=1652060

https://bugzilla.redhat.com/show_bug.cgi?id=1652423

https://bugzilla.redhat.com/show_bug.cgi?id=1652497

https://bugzilla.redhat.com/show_bug.cgi?id=1652526

https://bugzilla.redhat.com/show_bug.cgi?id=1652531

https://bugzilla.redhat.com/show_bug.cgi?id=1652557

https://bugzilla.redhat.com/show_bug.cgi?id=1652677

https://bugzilla.redhat.com/show_bug.cgi?id=1652732

https://bugzilla.redhat.com/show_bug.cgi?id=1652885

https://bugzilla.redhat.com/show_bug.cgi?id=1651006

https://bugzilla.redhat.com/show_bug.cgi?id=1651013

https://bugzilla.redhat.com/show_bug.cgi?id=1651129

https://bugzilla.redhat.com/show_bug.cgi?id=1662405

https://bugzilla.redhat.com/show_bug.cgi?id=1663021

https://bugzilla.redhat.com/show_bug.cgi?id=1664261

https://bugzilla.redhat.com/show_bug.cgi?id=1664281

https://bugzilla.redhat.com/show_bug.cgi?id=1664296

https://bugzilla.redhat.com/show_bug.cgi?id=1664436

https://bugzilla.redhat.com/show_bug.cgi?id=1664641

https://bugzilla.redhat.com/show_bug.cgi?id=1664948

https://bugzilla.redhat.com/show_bug.cgi?id=1665173

https://bugzilla.redhat.com/show_bug.cgi?id=1665203

https://bugzilla.redhat.com/show_bug.cgi?id=1665466

https://bugzilla.redhat.com/show_bug.cgi?id=1665657

https://bugzilla.redhat.com/show_bug.cgi?id=1665780

https://bugzilla.redhat.com/show_bug.cgi?id=1666312

https://bugzilla.redhat.com/show_bug.cgi?id=1666632

https://bugzilla.redhat.com/show_bug.cgi?id=1666968

https://bugzilla.redhat.com/show_bug.cgi?id=1667129

https://bugzilla.redhat.com/show_bug.cgi?id=1667704

https://bugzilla.redhat.com/show_bug.cgi?id=1667775

https://bugzilla.redhat.com/show_bug.cgi?id=1668449

https://bugzilla.redhat.com/show_bug.cgi?id=1669186

https://bugzilla.redhat.com/show_bug.cgi?id=1669241

https://bugzilla.redhat.com/show_bug.cgi?id=1669484

https://bugzilla.redhat.com/show_bug.cgi?id=1670002

https://bugzilla.redhat.com/show_bug.cgi?id=1670090

https://bugzilla.redhat.com/show_bug.cgi?id=1670100

https://bugzilla.redhat.com/show_bug.cgi?id=1670104

https://bugzilla.redhat.com/show_bug.cgi?id=1670125

https://bugzilla.redhat.com/show_bug.cgi?id=1670173

https://bugzilla.redhat.com/show_bug.cgi?id=1670276

https://bugzilla.redhat.com/show_bug.cgi?id=1670524

https://bugzilla.redhat.com/show_bug.cgi?id=1670729

https://bugzilla.redhat.com/show_bug.cgi?id=1671148

https://bugzilla.redhat.com/show_bug.cgi?id=1671202

https://bugzilla.redhat.com/show_bug.cgi?id=1673215

https://bugzilla.redhat.com/show_bug.cgi?id=1673326

https://bugzilla.redhat.com/show_bug.cgi?id=1673474

https://bugzilla.redhat.com/show_bug.cgi?id=1674496

https://bugzilla.redhat.com/show_bug.cgi?id=1674548

https://bugzilla.redhat.com/show_bug.cgi?id=1676642

https://bugzilla.redhat.com/show_bug.cgi?id=1676663

https://bugzilla.redhat.com/show_bug.cgi?id=1677014

https://bugzilla.redhat.com/show_bug.cgi?id=1677309

https://bugzilla.redhat.com/show_bug.cgi?id=1677620

https://bugzilla.redhat.com/show_bug.cgi?id=1677773

https://bugzilla.redhat.com/show_bug.cgi?id=1677916

https://bugzilla.redhat.com/show_bug.cgi?id=1678177

https://bugzilla.redhat.com/show_bug.cgi?id=1678322

https://bugzilla.redhat.com/show_bug.cgi?id=1678763

https://bugzilla.redhat.com/show_bug.cgi?id=1678770

https://bugzilla.redhat.com/show_bug.cgi?id=1678892

https://bugzilla.redhat.com/show_bug.cgi?id=1679481

https://bugzilla.redhat.com/show_bug.cgi?id=1679959

https://bugzilla.redhat.com/show_bug.cgi?id=1680067

https://bugzilla.redhat.com/show_bug.cgi?id=1680441

https://bugzilla.redhat.com/show_bug.cgi?id=1681009

https://bugzilla.redhat.com/show_bug.cgi?id=1683081

https://bugzilla.redhat.com/show_bug.cgi?id=1683096

https://bugzilla.redhat.com/show_bug.cgi?id=1683350

https://bugzilla.redhat.com/show_bug.cgi?id=1683592

https://bugzilla.redhat.com/show_bug.cgi?id=1683687

https://bugzilla.redhat.com/show_bug.cgi?id=1683935

https://bugzilla.redhat.com/show_bug.cgi?id=1684291

https://bugzilla.redhat.com/show_bug.cgi?id=1685437

https://bugzilla.redhat.com/show_bug.cgi?id=1685726

https://bugzilla.redhat.com/show_bug.cgi?id=1691105

https://bugzilla.redhat.com/show_bug.cgi?id=1692009

https://bugzilla.redhat.com/show_bug.cgi?id=1692697

https://bugzilla.redhat.com/show_bug.cgi?id=1693867

https://bugzilla.redhat.com/show_bug.cgi?id=1694715

https://bugzilla.redhat.com/show_bug.cgi?id=1695379

https://bugzilla.redhat.com/show_bug.cgi?id=1696273

https://bugzilla.redhat.com/show_bug.cgi?id=1652905

https://bugzilla.redhat.com/show_bug.cgi?id=1652909

https://bugzilla.redhat.com/show_bug.cgi?id=1652938

https://bugzilla.redhat.com/show_bug.cgi?id=1652961

https://bugzilla.redhat.com/show_bug.cgi?id=1653200

https://bugzilla.redhat.com/show_bug.cgi?id=1653251

https://bugzilla.redhat.com/show_bug.cgi?id=1653386

https://bugzilla.redhat.com/show_bug.cgi?id=1653584

https://bugzilla.redhat.com/show_bug.cgi?id=1653646

https://bugzilla.redhat.com/show_bug.cgi?id=1653657

https://bugzilla.redhat.com/show_bug.cgi?id=1653792

https://bugzilla.redhat.com/show_bug.cgi?id=1654094

https://bugzilla.redhat.com/show_bug.cgi?id=1654160

https://bugzilla.redhat.com/show_bug.cgi?id=1654217

https://bugzilla.redhat.com/show_bug.cgi?id=1654263

https://bugzilla.redhat.com/show_bug.cgi?id=1654327

https://bugzilla.redhat.com/show_bug.cgi?id=1654565

https://bugzilla.redhat.com/show_bug.cgi?id=1654598

https://bugzilla.redhat.com/show_bug.cgi?id=1654721

https://bugzilla.redhat.com/show_bug.cgi?id=1654944

https://bugzilla.redhat.com/show_bug.cgi?id=1654975

https://bugzilla.redhat.com/show_bug.cgi?id=1655094

https://bugzilla.redhat.com/show_bug.cgi?id=1655239

https://bugzilla.redhat.com/show_bug.cgi?id=1655243

https://bugzilla.redhat.com/show_bug.cgi?id=1655277

https://bugzilla.redhat.com/show_bug.cgi?id=1655407

https://bugzilla.redhat.com/show_bug.cgi?id=1655483

https://bugzilla.redhat.com/show_bug.cgi?id=1655595

https://bugzilla.redhat.com/show_bug.cgi?id=1655628

https://bugzilla.redhat.com/show_bug.cgi?id=1655870

https://bugzilla.redhat.com/show_bug.cgi?id=1655981

https://bugzilla.redhat.com/show_bug.cgi?id=1655982

https://bugzilla.redhat.com/show_bug.cgi?id=1656043

https://bugzilla.redhat.com/show_bug.cgi?id=1656078

https://bugzilla.redhat.com/show_bug.cgi?id=1656425

https://bugzilla.redhat.com/show_bug.cgi?id=1656470

https://bugzilla.redhat.com/show_bug.cgi?id=1656478

https://bugzilla.redhat.com/show_bug.cgi?id=1657062

https://bugzilla.redhat.com/show_bug.cgi?id=1657302

https://bugzilla.redhat.com/show_bug.cgi?id=1657475

https://bugzilla.redhat.com/show_bug.cgi?id=1657699

https://bugzilla.redhat.com/show_bug.cgi?id=1657711

https://bugzilla.redhat.com/show_bug.cgi?id=1657719

https://bugzilla.redhat.com/show_bug.cgi?id=1657942

https://bugzilla.redhat.com/show_bug.cgi?id=1658130

https://bugzilla.redhat.com/show_bug.cgi?id=1658157

https://bugzilla.redhat.com/show_bug.cgi?id=1658193

https://bugzilla.redhat.com/show_bug.cgi?id=1658274

https://bugzilla.redhat.com/show_bug.cgi?id=1658364

https://bugzilla.redhat.com/show_bug.cgi?id=1658444

https://bugzilla.redhat.com/show_bug.cgi?id=1658474

https://bugzilla.redhat.com/show_bug.cgi?id=1658592

https://bugzilla.redhat.com/show_bug.cgi?id=1658659

https://bugzilla.redhat.com/show_bug.cgi?id=1659014

https://bugzilla.redhat.com/show_bug.cgi?id=1659042

https://bugzilla.redhat.com/show_bug.cgi?id=1659324

https://bugzilla.redhat.com/show_bug.cgi?id=1659549

https://bugzilla.redhat.com/show_bug.cgi?id=1659917

https://bugzilla.redhat.com/show_bug.cgi?id=1659941

https://bugzilla.redhat.com/show_bug.cgi?id=1660133

https://bugzilla.redhat.com/show_bug.cgi?id=1660258

https://bugzilla.redhat.com/show_bug.cgi?id=1660489

https://bugzilla.redhat.com/show_bug.cgi?id=1660497

https://bugzilla.redhat.com/show_bug.cgi?id=1660561

https://bugzilla.redhat.com/show_bug.cgi?id=1661019

https://bugzilla.redhat.com/show_bug.cgi?id=1661422

https://bugzilla.redhat.com/show_bug.cgi?id=1661483

https://bugzilla.redhat.com/show_bug.cgi?id=1661498

https://bugzilla.redhat.com/show_bug.cgi?id=1661971

https://bugzilla.redhat.com/show_bug.cgi?id=1662150

https://bugzilla.redhat.com/show_bug.cgi?id=1662164

https://bugzilla.redhat.com/show_bug.cgi?id=1671517

https://bugzilla.redhat.com/show_bug.cgi?id=1671531

https://bugzilla.redhat.com/show_bug.cgi?id=1671577

https://bugzilla.redhat.com/show_bug.cgi?id=1672426

https://bugzilla.redhat.com/show_bug.cgi?id=1672498

https://bugzilla.redhat.com/show_bug.cgi?id=1672751

https://bugzilla.redhat.com/show_bug.cgi?id=1673032

https://bugzilla.redhat.com/show_bug.cgi?id=1686013

https://bugzilla.redhat.com/show_bug.cgi?id=1686460

https://bugzilla.redhat.com/show_bug.cgi?id=1686540

https://bugzilla.redhat.com/show_bug.cgi?id=1686604

https://bugzilla.redhat.com/show_bug.cgi?id=1686964

https://bugzilla.redhat.com/show_bug.cgi?id=1687190

https://bugzilla.redhat.com/show_bug.cgi?id=1687250

https://bugzilla.redhat.com/show_bug.cgi?id=1687264

https://bugzilla.redhat.com/show_bug.cgi?id=1687378

https://bugzilla.redhat.com/show_bug.cgi?id=1687577

https://bugzilla.redhat.com/show_bug.cgi?id=1687956

https://bugzilla.redhat.com/show_bug.cgi?id=1688636

https://bugzilla.redhat.com/show_bug.cgi?id=1688840

https://bugzilla.redhat.com/show_bug.cgi?id=1688973

https://bugzilla.redhat.com/show_bug.cgi?id=1689144

https://bugzilla.redhat.com/show_bug.cgi?id=1689240

https://bugzilla.redhat.com/show_bug.cgi?id=1690390

https://bugzilla.redhat.com/show_bug.cgi?id=1690449

https://bugzilla.redhat.com/show_bug.cgi?id=1690795

https://bugzilla.redhat.com/show_bug.cgi?id=1696718

https://bugzilla.redhat.com/show_bug.cgi?id=1696969

https://bugzilla.redhat.com/show_bug.cgi?id=1698549

https://bugzilla.redhat.com/show_bug.cgi?id=1698876

https://bugzilla.redhat.com/show_bug.cgi?id=1698947

https://bugzilla.redhat.com/show_bug.cgi?id=1699017

Plugin Details

Severity: High

ID: 125052

File Name: redhat-RHSA-2019-1222.nasl

Version: 1.11

Type: local

Agent: unix

Published: 5/14/2019

Updated: 11/6/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3.1

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS Score Source: CVE-2018-10917

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2019-3891

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_discovery_image, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ovirt-engine-sdk, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-multi_json, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-locale, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-safemode, p-cpe:/a:redhat:enterprise_linux:v8, p-cpe:/a:redhat:enterprise_linux:foreman-postgresql, p-cpe:/a:redhat:enterprise_linux:rubygem-multi_json, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rails-i18n, p-cpe:/a:redhat:enterprise_linux:satellite-debug-tools, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-sinatra, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-coffee-script-source, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-runcible, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-loofah, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redhat_access_lib, p-cpe:/a:redhat:enterprise_linux:libwebsockets, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unf, p-cpe:/a:redhat:enterprise_linux:rubygem-rack-protection, p-cpe:/a:redhat:enterprise_linux:foreman-installer, p-cpe:/a:redhat:enterprise_linux:puppetserver, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-audited, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rbvmomi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-diffy, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-builder, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-actionmailer, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-statsd-instrument, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-client, p-cpe:/a:redhat:enterprise_linux:repoview, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_tasks, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-core, p-cpe:/a:redhat:enterprise_linux:pulp-server, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-ovirt, p-cpe:/a:redhat:enterprise_linux:katello-installer-base, p-cpe:/a:redhat:enterprise_linux:soappy, p-cpe:/a:redhat:enterprise_linux:mod_xsendfile, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-railties, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-secure_headers, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-record_tag_helper, p-cpe:/a:redhat:enterprise_linux:python-simplejson, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-xml, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_virt_who_configure, p-cpe:/a:redhat:enterprise_linux:katello-selinux, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-netrc, p-cpe:/a:redhat:enterprise_linux:rubygem-kafo_wizards, p-cpe:/a:redhat:enterprise_linux:rubygem-rake, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-client-devel, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-retriable, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-polyglot, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-concurrent-ruby-edge, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-multipart-post, p-cpe:/a:redhat:enterprise_linux:python-fpconst, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-execjs, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-git, p-cpe:/a:redhat:enterprise_linux:pulp-nodes-common, p-cpe:/a:redhat:enterprise_linux:pulp-ostree, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ipaddress, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman, p-cpe:/a:redhat:enterprise_linux:puppetlabs-stdlib, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-scoped_search, p-cpe:/a:redhat:enterprise_linux:pulp-docker-admin-extensions, p-cpe:/a:redhat:enterprise_linux:rubygem-highline, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-domain_name, p-cpe:/a:redhat:enterprise_linux:foreman-journald, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mimemagic, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-activejob, p-cpe:/a:redhat:enterprise_linux:python-twisted-core, p-cpe:/a:redhat:enterprise_linux:rubygem-faraday_middleware, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fast_gettext, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_hooks, p-cpe:/a:redhat:enterprise_linux:qpid-tools, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ssh-krb, p-cpe:/a:redhat:enterprise_linux:foreman-gce, p-cpe:/a:redhat:enterprise_linux:python-pymongo-gridfs, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-google, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sexp_processor, p-cpe:/a:redhat:enterprise_linux:rubygem-rack, p-cpe:/a:redhat:enterprise_linux:satellite, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mail, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-dynflow, p-cpe:/a:redhat:enterprise_linux:foreman-ec2, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_katello, p-cpe:/a:redhat:enterprise_linux:katello-service, p-cpe:/a:redhat:enterprise_linux:python-crane, p-cpe:/a:redhat:enterprise_linux:python-qpid-qmf, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-sprockets-rails, p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-tools, p-cpe:/a:redhat:enterprise_linux:foreman-ovirt, p-cpe:/a:redhat:enterprise_linux:python2-vine, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:livecd-tools, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-marcel, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-rack-test, p-cpe:/a:redhat:enterprise_linux:mongodb-server, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-crass, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-journald-native, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby_parser, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-qpid_messaging, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog, p-cpe:/a:redhat:enterprise_linux:katello, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-actioncable, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-roadie-rails, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack-jsonp, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dynflow_core, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-katello, p-cpe:/a:redhat:enterprise_linux:rubygem-gssapi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_ansible_core, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-bastion, p-cpe:/a:redhat:enterprise_linux:gofer, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-bundler_ext, p-cpe:/a:redhat:enterprise_linux:foreman-telemetry, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_bootdisk, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-erubi, p-cpe:/a:redhat:enterprise_linux:python-blinker, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_dhcp_infoblox, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_ansible, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ping, p-cpe:/a:redhat:enterprise_linux:rubygem-concurrent-ruby, p-cpe:/a:redhat:enterprise_linux:rubygem-fast_gettext, p-cpe:/a:redhat:enterprise_linux:rubygem-logging, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-wicked, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-webpack-rails, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-json, p-cpe:/a:redhat:enterprise_linux:python-bson, p-cpe:/a:redhat:enterprise_linux:python-gnupg, p-cpe:/a:redhat:enterprise_linux:libstemmer, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-coffee-rails, p-cpe:/a:redhat:enterprise_linux:foreman-vmware, p-cpe:/a:redhat:enterprise_linux:rubygem-newt, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-sqlite3, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gettext_i18n_rails, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gssapi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-roadie, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rabl, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-rails-dom-testing, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_templates, p-cpe:/a:redhat:enterprise_linux:python2-kombu, p-cpe:/a:redhat:enterprise_linux:pulp-ostree-plugins, p-cpe:/a:redhat:enterprise_linux:pulp-docker, p-cpe:/a:redhat:enterprise_linux:createrepo_c-libs, p-cpe:/a:redhat:enterprise_linux:python-okaara, p-cpe:/a:redhat:enterprise_linux:python-pulp-puppet-common, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-arel, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-bindings, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-globalid, p-cpe:/a:redhat:enterprise_linux:pulp-nodes-child, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activerecord-import, p-cpe:/a:redhat:enterprise_linux:python-werkzeug, p-cpe:/a:redhat:enterprise_linux:python-pulp-oid_validation, p-cpe:/a:redhat:enterprise_linux:rubygem-bundler_ext, p-cpe:/a:redhat:enterprise_linux:pulp-docker-plugins, p-cpe:/a:redhat:enterprise_linux:tfm-runtime, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-little-plugger, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-rack-protection, p-cpe:/a:redhat:enterprise_linux:python-gofer, p-cpe:/a:redhat:enterprise_linux:python-anyjson, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_remote_execution_ssh, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-rails-html-sanitizer, p-cpe:/a:redhat:enterprise_linux:python-billiard, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-thor, p-cpe:/a:redhat:enterprise_linux:foreman-proxy, p-cpe:/a:redhat:enterprise_linux:python2-solv, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-logging, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:python-semantic_version, p-cpe:/a:redhat:enterprise_linux:python-pulp-agent-lib, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rainbow, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-quantile, p-cpe:/a:redhat:enterprise_linux:python-pulp-repoauth, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-thread_safe, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_ansible, p-cpe:/a:redhat:enterprise_linux:rubygem-jwt, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-parse-cron, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_ansible, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-awesome_print, p-cpe:/a:redhat:enterprise_linux:python-pulp-bindings, p-cpe:/a:redhat:enterprise_linux:mongodb, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-sprockets, p-cpe:/a:redhat:enterprise_linux:kobo, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_admin, p-cpe:/a:redhat:enterprise_linux:qpid-proton-c, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_discovery, p-cpe:/a:redhat:enterprise_linux:foreman-openstack, p-cpe:/a:redhat:enterprise_linux:python-qpid-proton, p-cpe:/a:redhat:enterprise_linux:python-pulp-docker-common, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_openscap, p-cpe:/a:redhat:enterprise_linux:tfm, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-server-linearstore, p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-router, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-aws, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-algebrick, p-cpe:/a:redhat:enterprise_linux:pulp-ostree-admin-extensions, p-cpe:/a:redhat:enterprise_linux:pulp-puppet-plugins, p-cpe:/a:redhat:enterprise_linux:python-flask, p-cpe:/a:redhat:enterprise_linux:python-itsdangerous, p-cpe:/a:redhat:enterprise_linux:pulp-puppet, p-cpe:/a:redhat:enterprise_linux:python-qpid, p-cpe:/a:redhat:enterprise_linux:katello-certs-tools, p-cpe:/a:redhat:enterprise_linux:foreman-debug, p-cpe:/a:redhat:enterprise_linux:rubygem-foreman_scap_client, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution_core, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ssh, p-cpe:/a:redhat:enterprise_linux:satellite-capsule, p-cpe:/a:redhat:enterprise_linux:foreman-installer-katello, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-logging-journald, p-cpe:/a:redhat:enterprise_linux:rubygem-clamp, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby-libvirt, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_theme_satellite, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-runtime, p-cpe:/a:redhat:enterprise_linux:tfm-ror52, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ldap, p-cpe:/a:redhat:enterprise_linux:foreman-cli, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-prometheus-client, p-cpe:/a:redhat:enterprise_linux:pulp-admin-client, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-actionpack, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-digitalocean, p-cpe:/a:redhat:enterprise_linux:pulp-puppet-tools, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deacon, p-cpe:/a:redhat:enterprise_linux:qpid-cpp, p-cpe:/a:redhat:enterprise_linux:python-pulp-ostree-common, cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-formatador, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ovirt_provision_plugin, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-launchy, p-cpe:/a:redhat:enterprise_linux:rubygem-kafo, p-cpe:/a:redhat:enterprise_linux:qpid-qmf, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unicode, p-cpe:/a:redhat:enterprise_linux:satellite-cli, p-cpe:/a:redhat:enterprise_linux:rubygem-rb-inotify, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-websocket-extensions, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deface, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-clamp, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pg, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-will_paginate, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-x-editable-rails, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_docker, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unf_ext, p-cpe:/a:redhat:enterprise_linux:redhat-access-insights-puppet, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-trollop, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ancestry, p-cpe:/a:redhat:enterprise_linux:pulp, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-nokogiri, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-tilt, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mini_portile2, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mime-types, p-cpe:/a:redhat:enterprise_linux:rubygem-ffi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-signet, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-google-api-client, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_discovery, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-activerecord, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-get_process_mem, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-oauth, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-params, p-cpe:/a:redhat:enterprise_linux:foreman-libvirt, p-cpe:/a:redhat:enterprise_linux:rhel8-kickstart-setup, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-scp, p-cpe:/a:redhat:enterprise_linux:rubygem-oauth, p-cpe:/a:redhat:enterprise_linux:puppet-foreman_scap_client, p-cpe:/a:redhat:enterprise_linux:foreman, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-excon, p-cpe:/a:redhat:enterprise_linux:katello-common, p-cpe:/a:redhat:enterprise_linux:liquibase, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-server, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-coffee-script, p-cpe:/a:redhat:enterprise_linux:pulp-nodes-parent, p-cpe:/a:redhat:enterprise_linux:python-kombu, p-cpe:/a:redhat:enterprise_linux:qpid-dispatch, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-rails, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-method_source, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sshkey, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deep_cloneable, p-cpe:/a:redhat:enterprise_linux:rubygem-little-plugger, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-xenserver, p-cpe:/a:redhat:enterprise_linux:rubygem-ansi, p-cpe:/a:redhat:enterprise_linux:qpid-proton, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rest-client, p-cpe:/a:redhat:enterprise_linux:python-nectar, p-cpe:/a:redhat:enterprise_linux:foreman-selinux, p-cpe:/a:redhat:enterprise_linux:python-saslwrapper, p-cpe:/a:redhat:enterprise_linux:mod_passenger, p-cpe:/a:redhat:enterprise_linux:puppet-agent-oauth, p-cpe:/a:redhat:enterprise_linux:rubygem-mime-types, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ldap_fluff, p-cpe:/a:redhat:enterprise_linux:createrepo_c, p-cpe:/a:redhat:enterprise_linux:foreman-compute, p-cpe:/a:redhat:enterprise_linux:rubygem-sinatra, p-cpe:/a:redhat:enterprise_linux:satellite-installer, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_discovery, p-cpe:/a:redhat:enterprise_linux:python-isodate, p-cpe:/a:redhat:enterprise_linux:katello-debug, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_dhcp_remote_isc, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_dns_infoblox, p-cpe:/a:redhat:enterprise_linux:pulp-puppet-admin-extensions, p-cpe:/a:redhat:enterprise_linux:python-kid, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http-cookie, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rbovirt, p-cpe:/a:redhat:enterprise_linux:python-oauth2, p-cpe:/a:redhat:enterprise_linux:puppet-agent, p-cpe:/a:redhat:enterprise_linux:katello-client-bootstrap, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_pulp, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_virt_who_configure, p-cpe:/a:redhat:enterprise_linux:python-pulp-common, p-cpe:/a:redhat:enterprise_linux:python2-django, p-cpe:/a:redhat:enterprise_linux:python2-billiard, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-turbolinks, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redhat_access, p-cpe:/a:redhat:enterprise_linux:rubygem-faraday, p-cpe:/a:redhat:enterprise_linux:yaml-cpp, p-cpe:/a:redhat:enterprise_linux:python2-amqp, p-cpe:/a:redhat:enterprise_linux:rubygem-kafo_parsers, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:saslwrapper, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-tasks-core, p-cpe:/a:redhat:enterprise_linux:ostree, p-cpe:/a:redhat:enterprise_linux:python-pulp-streamer, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-facter, p-cpe:/a:redhat:enterprise_linux:python-twisted-web, p-cpe:/a:redhat:enterprise_linux:python-pulp-client-lib, p-cpe:/a:redhat:enterprise_linux:python-pulp-integrity, p-cpe:/a:redhat:enterprise_linux:libmodulemd, p-cpe:/a:redhat:enterprise_linux:foreman-proxy-content, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-rails, p-cpe:/a:redhat:enterprise_linux:python-amqp, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-daemons, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-jwt, p-cpe:/a:redhat:enterprise_linux:python-pulp-rpm-common, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_templates, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_openscap, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_bootdisk, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-validates_lengths_from_database, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activerecord-session_store, p-cpe:/a:redhat:enterprise_linux:rubygem-netrc, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hashie, p-cpe:/a:redhat:enterprise_linux:candlepin, p-cpe:/a:redhat:enterprise_linux:python-imgcreate, p-cpe:/a:redhat:enterprise_linux:rubygem-hashie, p-cpe:/a:redhat:enterprise_linux:foreman-rackspace, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-rack, p-cpe:/a:redhat:enterprise_linux:pcp-mmvstatsd, p-cpe:/a:redhat:enterprise_linux:rubygem-openscap, p-cpe:/a:redhat:enterprise_linux:pulp-maintenance, p-cpe:/a:redhat:enterprise_linux:rubygem-powerbar, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-tasks, p-cpe:/a:redhat:enterprise_linux:pulp-rpm-plugins, p-cpe:/a:redhat:enterprise_linux:python-gofer-qpid, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-robotex, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-powerbar, p-cpe:/a:redhat:enterprise_linux:python-mongoengine, p-cpe:/a:redhat:enterprise_linux:rubygem-rkerberos, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-libvirt, p-cpe:/a:redhat:enterprise_linux:rubygem-infoblox, p-cpe:/a:redhat:enterprise_linux:python-zope-interface, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-angular-rails-templates, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-activemodel, p-cpe:/a:redhat:enterprise_linux:rubygem-rubyipmi, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_dynflow, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_openscap, p-cpe:/a:redhat:enterprise_linux:rubygem-multipart-post, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-docker-api, p-cpe:/a:redhat:enterprise_linux:ansiblerole-insights-client, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mini_mime, p-cpe:/a:redhat:enterprise_linux:pulp-katello, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_docker, p-cpe:/a:redhat:enterprise_linux:pulp-rpm-admin-extensions, p-cpe:/a:redhat:enterprise_linux:foreman-discovery-image, p-cpe:/a:redhat:enterprise_linux:rubygem-facter, p-cpe:/a:redhat:enterprise_linux:foreman-bootloaders-redhat-tftpboot, p-cpe:/a:redhat:enterprise_linux:rubygem-tilt, p-cpe:/a:redhat:enterprise_linux:python2-celery, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-responders, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-nio4r, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sequel, p-cpe:/a:redhat:enterprise_linux:python-celery, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mustermann, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ffi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-addressable, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-faraday, p-cpe:/a:redhat:enterprise_linux:pulp-rpm, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_remote_execution, p-cpe:/a:redhat:enterprise_linux:libsolv, p-cpe:/a:redhat:enterprise_linux:satellite-common, p-cpe:/a:redhat:enterprise_linux:pulp-selinux, p-cpe:/a:redhat:enterprise_linux:python-vine, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby2ruby, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-friendly_id, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-actionview, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-vsphere, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-activesupport, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-journald-logger, p-cpe:/a:redhat:enterprise_linux:python-pymongo, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_csv, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-concurrent-ruby, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-websocket-driver, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-openstack, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-rackspace, p-cpe:/a:redhat:enterprise_linux:hfsplus-tools, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-jgrep, p-cpe:/a:redhat:enterprise_linux:rubygem-rest-client, p-cpe:/a:redhat:enterprise_linux:foreman-bootloaders-redhat, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-activestorage, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-highline, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mime-types-data, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unicode-display_width, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-anemone, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-i18n, p-cpe:/a:redhat:enterprise_linux:candlepin-selinux, p-cpe:/a:redhat:enterprise_linux:rubygem-rsec, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-extlib, p-cpe:/a:redhat:enterprise_linux:python-django, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-css_parser, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-autoparse, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-tzinfo

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/14/2019

Vulnerability Publication Date: 9/7/2016

Reference Information

CVE: CVE-2016-6346, CVE-2018-10917, CVE-2018-14664, CVE-2018-16861, CVE-2018-16887, CVE-2019-3891

CWE: 22, 532, 79

RHSA: 2019:1222