Detections
Analytics
RHEL 7 : Red Hat Satellite 6 (RHSA-2019:3172)
high Nessus Plugin ID 130187
Language:
Synopsis
The remote Red Hat host is missing one or more security updates.Description
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3172 advisory.Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.
Security Fix(es):
* rubygem-rack: Buffer size in multipart parser allows for denial of service (CVE-2018-16470)
* dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents (CVE-2018-1000632)
* foreman: authorization bypasses in foreman-tasks leading to information disclosure (CVE-2019-10198)
* katello: registry credentials are captured in plain text during repository discovery (CVE-2019-14825)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://access.redhat.com/errata/RHSA-2019:3172
https://bugzilla.redhat.com/show_bug.cgi?id=1739485
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1620529
https://bugzilla.redhat.com/show_bug.cgi?id=1111223
https://bugzilla.redhat.com/show_bug.cgi?id=1152515
https://bugzilla.redhat.com/show_bug.cgi?id=1163020
https://bugzilla.redhat.com/show_bug.cgi?id=1194093
https://bugzilla.redhat.com/show_bug.cgi?id=1336439
https://bugzilla.redhat.com/show_bug.cgi?id=1378579
https://bugzilla.redhat.com/show_bug.cgi?id=1402136
https://bugzilla.redhat.com/show_bug.cgi?id=1465521
https://bugzilla.redhat.com/show_bug.cgi?id=1490850
https://bugzilla.redhat.com/show_bug.cgi?id=1503426
https://bugzilla.redhat.com/show_bug.cgi?id=1505932
https://bugzilla.redhat.com/show_bug.cgi?id=1559006
https://bugzilla.redhat.com/show_bug.cgi?id=1561876
https://bugzilla.redhat.com/show_bug.cgi?id=1591629
https://bugzilla.redhat.com/show_bug.cgi?id=1593480
https://bugzilla.redhat.com/show_bug.cgi?id=1596411
https://bugzilla.redhat.com/show_bug.cgi?id=1601602
https://bugzilla.redhat.com/show_bug.cgi?id=1608712
https://bugzilla.redhat.com/show_bug.cgi?id=1609371
https://bugzilla.redhat.com/show_bug.cgi?id=1612800
https://bugzilla.redhat.com/show_bug.cgi?id=1630548
https://bugzilla.redhat.com/show_bug.cgi?id=1634755
https://bugzilla.redhat.com/show_bug.cgi?id=1643649
https://bugzilla.redhat.com/show_bug.cgi?id=1644201
https://bugzilla.redhat.com/show_bug.cgi?id=1646814
https://bugzilla.redhat.com/show_bug.cgi?id=1649944
https://bugzilla.redhat.com/show_bug.cgi?id=1650641
https://bugzilla.redhat.com/show_bug.cgi?id=1651389
https://bugzilla.redhat.com/show_bug.cgi?id=1653293
https://bugzilla.redhat.com/show_bug.cgi?id=1658265
https://bugzilla.redhat.com/show_bug.cgi?id=1658284
https://bugzilla.redhat.com/show_bug.cgi?id=1658318
https://bugzilla.redhat.com/show_bug.cgi?id=1658553
https://bugzilla.redhat.com/show_bug.cgi?id=1659979
https://bugzilla.redhat.com/show_bug.cgi?id=1671274
https://bugzilla.redhat.com/show_bug.cgi?id=1671318
https://bugzilla.redhat.com/show_bug.cgi?id=1672706
https://bugzilla.redhat.com/show_bug.cgi?id=1673447
https://bugzilla.redhat.com/show_bug.cgi?id=1679225
https://bugzilla.redhat.com/show_bug.cgi?id=1679300
https://bugzilla.redhat.com/show_bug.cgi?id=1684573
https://bugzilla.redhat.com/show_bug.cgi?id=1686514
https://bugzilla.redhat.com/show_bug.cgi?id=1687543
https://bugzilla.redhat.com/show_bug.cgi?id=1687801
https://bugzilla.redhat.com/show_bug.cgi?id=1690070
https://bugzilla.redhat.com/show_bug.cgi?id=1690204
https://bugzilla.redhat.com/show_bug.cgi?id=1691074
https://bugzilla.redhat.com/show_bug.cgi?id=1691443
https://bugzilla.redhat.com/show_bug.cgi?id=1698148
https://bugzilla.redhat.com/show_bug.cgi?id=1698178
https://bugzilla.redhat.com/show_bug.cgi?id=1698182
https://bugzilla.redhat.com/show_bug.cgi?id=1703476
https://bugzilla.redhat.com/show_bug.cgi?id=1705099
https://bugzilla.redhat.com/show_bug.cgi?id=1706265
https://bugzilla.redhat.com/show_bug.cgi?id=1706267
https://bugzilla.redhat.com/show_bug.cgi?id=1706274
https://bugzilla.redhat.com/show_bug.cgi?id=1706277
https://bugzilla.redhat.com/show_bug.cgi?id=1706296
https://bugzilla.redhat.com/show_bug.cgi?id=1706721
https://bugzilla.redhat.com/show_bug.cgi?id=1706743
https://bugzilla.redhat.com/show_bug.cgi?id=1707157
https://bugzilla.redhat.com/show_bug.cgi?id=1709761
https://bugzilla.redhat.com/show_bug.cgi?id=1712554
https://bugzilla.redhat.com/show_bug.cgi?id=1712889
https://bugzilla.redhat.com/show_bug.cgi?id=1712985
https://bugzilla.redhat.com/show_bug.cgi?id=1713103
https://bugzilla.redhat.com/show_bug.cgi?id=1713248
https://bugzilla.redhat.com/show_bug.cgi?id=1713274
https://bugzilla.redhat.com/show_bug.cgi?id=1713802
https://bugzilla.redhat.com/show_bug.cgi?id=1714234
https://bugzilla.redhat.com/show_bug.cgi?id=1714604
https://bugzilla.redhat.com/show_bug.cgi?id=1715898
https://bugzilla.redhat.com/show_bug.cgi?id=1716877
https://bugzilla.redhat.com/show_bug.cgi?id=1716900
https://bugzilla.redhat.com/show_bug.cgi?id=1717069
https://bugzilla.redhat.com/show_bug.cgi?id=1717248
https://bugzilla.redhat.com/show_bug.cgi?id=1717883
https://bugzilla.redhat.com/show_bug.cgi?id=1718009
https://bugzilla.redhat.com/show_bug.cgi?id=1718889
https://bugzilla.redhat.com/show_bug.cgi?id=1720200
https://bugzilla.redhat.com/show_bug.cgi?id=1721055
https://bugzilla.redhat.com/show_bug.cgi?id=1722475
https://bugzilla.redhat.com/show_bug.cgi?id=1722713
https://bugzilla.redhat.com/show_bug.cgi?id=1723733
https://bugzilla.redhat.com/show_bug.cgi?id=1724064
https://bugzilla.redhat.com/show_bug.cgi?id=1724739
https://bugzilla.redhat.com/show_bug.cgi?id=1725250
https://bugzilla.redhat.com/show_bug.cgi?id=1725289
https://bugzilla.redhat.com/show_bug.cgi?id=1727320
https://bugzilla.redhat.com/show_bug.cgi?id=1727927
https://bugzilla.redhat.com/show_bug.cgi?id=1728289
https://bugzilla.redhat.com/show_bug.cgi?id=1728306
https://bugzilla.redhat.com/show_bug.cgi?id=1729049
https://bugzilla.redhat.com/show_bug.cgi?id=1729130
https://bugzilla.redhat.com/show_bug.cgi?id=1729149
https://bugzilla.redhat.com/show_bug.cgi?id=1729153
https://bugzilla.redhat.com/show_bug.cgi?id=1730397
https://bugzilla.redhat.com/show_bug.cgi?id=1730668
https://bugzilla.redhat.com/show_bug.cgi?id=1731112
https://bugzilla.redhat.com/show_bug.cgi?id=1731639
https://bugzilla.redhat.com/show_bug.cgi?id=1732066
https://bugzilla.redhat.com/show_bug.cgi?id=1732601
https://bugzilla.redhat.com/show_bug.cgi?id=1737488
https://bugzilla.redhat.com/show_bug.cgi?id=1739367
https://bugzilla.redhat.com/show_bug.cgi?id=1739712
https://bugzilla.redhat.com/show_bug.cgi?id=1744515
https://bugzilla.redhat.com/show_bug.cgi?id=1746166
https://bugzilla.redhat.com/show_bug.cgi?id=1746175
https://bugzilla.redhat.com/show_bug.cgi?id=1746581
https://bugzilla.redhat.com/show_bug.cgi?id=1747177
https://bugzilla.redhat.com/show_bug.cgi?id=1747654
https://bugzilla.redhat.com/show_bug.cgi?id=1750846
https://bugzilla.redhat.com/show_bug.cgi?id=1751384
Plugin Details
Severity: High
ID: 130187
File Name: redhat-RHSA-2019-3172.nasl
Version: 1.14
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 10/24/2019
Updated: 11/7/2024
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
Vendor
Vendor Severity: Moderate
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.9
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS Score Source: CVE-2019-10906
CVSS v3
Risk Factor: High
Base Score: 8.6
Temporal Score: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:redhat:enterprise_linux:katello-selinux, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-netrc, p-cpe:/a:redhat:enterprise_linux:rubygem-kafo_wizards, p-cpe:/a:redhat:enterprise_linux:rubygem-rake, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-client-devel, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-retriable, p-cpe:/a:redhat:enterprise_linux:python2-ansible-runner, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-polyglot, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-concurrent-ruby-edge, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-multipart-post, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-execjs, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-git, p-cpe:/a:redhat:enterprise_linux:pulp-nodes-common, p-cpe:/a:redhat:enterprise_linux:pulp-ostree, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ipaddress, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman, p-cpe:/a:redhat:enterprise_linux:puppetlabs-stdlib, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-scoped_search, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http_parser.rb, p-cpe:/a:redhat:enterprise_linux:pulp-docker-admin-extensions, p-cpe:/a:redhat:enterprise_linux:rubygem-highline, p-cpe:/a:redhat:enterprise_linux:python2-werkzeug, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-domain_name, p-cpe:/a:redhat:enterprise_linux:foreman-journald, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mimemagic, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-activejob, p-cpe:/a:redhat:enterprise_linux:rubygem-faraday_middleware, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fast_gettext, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_hooks, p-cpe:/a:redhat:enterprise_linux:qpid-tools, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ssh-krb, p-cpe:/a:redhat:enterprise_linux:foreman-gce, p-cpe:/a:redhat:enterprise_linux:ansible-runner, p-cpe:/a:redhat:enterprise_linux:python-pymongo-gridfs, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-google, p-cpe:/a:redhat:enterprise_linux:rubygem-net-ssh, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sexp_processor, p-cpe:/a:redhat:enterprise_linux:rubygem-journald-logger, p-cpe:/a:redhat:enterprise_linux:rubygem-rack, p-cpe:/a:redhat:enterprise_linux:satellite, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-memoist, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mail, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-dynflow, p-cpe:/a:redhat:enterprise_linux:foreman-ec2, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_katello, p-cpe:/a:redhat:enterprise_linux:katello-service, p-cpe:/a:redhat:enterprise_linux:python-crane, p-cpe:/a:redhat:enterprise_linux:python-pycurl, p-cpe:/a:redhat:enterprise_linux:python-qpid-qmf, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-sprockets-rails, p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-tools, p-cpe:/a:redhat:enterprise_linux:foreman-ovirt, p-cpe:/a:redhat:enterprise_linux:python2-vine, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:livecd-tools, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-marcel, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-rack-test, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-crass, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-journald-native, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby_parser, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-qpid_messaging, p-cpe:/a:redhat:enterprise_linux:katello, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-actioncable, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-roadie-rails, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack-jsonp, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dynflow_core, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-katello, p-cpe:/a:redhat:enterprise_linux:rubygem-gssapi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_ansible_core, p-cpe:/a:redhat:enterprise_linux:python2-anyjson, p-cpe:/a:redhat:enterprise_linux:gofer, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-bundler_ext, p-cpe:/a:redhat:enterprise_linux:python2-pexpect, p-cpe:/a:redhat:enterprise_linux:foreman-telemetry, p-cpe:/a:redhat:enterprise_linux:python-psutil, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_bootdisk, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-erubi, p-cpe:/a:redhat:enterprise_linux:python-blinker, p-cpe:/a:redhat:enterprise_linux:python2-okaara, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_dhcp_infoblox, p-cpe:/a:redhat:enterprise_linux:python-twisted, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_ansible, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ping, p-cpe:/a:redhat:enterprise_linux:rubygem-concurrent-ruby, p-cpe:/a:redhat:enterprise_linux:rubygem-fast_gettext, p-cpe:/a:redhat:enterprise_linux:rubygem-logging, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-wicked, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-webpack-rails, p-cpe:/a:redhat:enterprise_linux:python2-click, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-json, p-cpe:/a:redhat:enterprise_linux:python-bson, p-cpe:/a:redhat:enterprise_linux:python-gnupg, p-cpe:/a:redhat:enterprise_linux:python-lockfile, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-coffee-rails, p-cpe:/a:redhat:enterprise_linux:foreman-vmware, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-kubevirt, p-cpe:/a:redhat:enterprise_linux:rubygem-newt, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-sqlite3, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gettext_i18n_rails, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gssapi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-roadie, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rabl, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-rails-dom-testing, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_templates, p-cpe:/a:redhat:enterprise_linux:foreman-libvirt, p-cpe:/a:redhat:enterprise_linux:rhel8-kickstart-setup, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-scp, p-cpe:/a:redhat:enterprise_linux:rubygem-oauth, p-cpe:/a:redhat:enterprise_linux:puppet-foreman_scap_client, p-cpe:/a:redhat:enterprise_linux:foreman, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-excon, p-cpe:/a:redhat:enterprise_linux:katello-common, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-server, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-coffee-script, p-cpe:/a:redhat:enterprise_linux:pulp-nodes-parent, p-cpe:/a:redhat:enterprise_linux:python2-itsdangerous, p-cpe:/a:redhat:enterprise_linux:python2-future, p-cpe:/a:redhat:enterprise_linux:python-kombu, p-cpe:/a:redhat:enterprise_linux:qpid-dispatch, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-rails, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-method_source, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sshkey, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deep_cloneable, p-cpe:/a:redhat:enterprise_linux:rubygem-little-plugger, p-cpe:/a:redhat:enterprise_linux:rubygem-ansi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-declarative-option, p-cpe:/a:redhat:enterprise_linux:qpid-proton, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rest-client, p-cpe:/a:redhat:enterprise_linux:python-nectar, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-uber, p-cpe:/a:redhat:enterprise_linux:foreman-selinux, p-cpe:/a:redhat:enterprise_linux:python-saslwrapper, p-cpe:/a:redhat:enterprise_linux:mod_passenger, p-cpe:/a:redhat:enterprise_linux:puppet-agent-oauth, p-cpe:/a:redhat:enterprise_linux:python-daemon, p-cpe:/a:redhat:enterprise_linux:rubygem-mime-types, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ldap_fluff, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gettext, p-cpe:/a:redhat:enterprise_linux:createrepo_c, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-promise.rb, p-cpe:/a:redhat:enterprise_linux:rubygem-sinatra, p-cpe:/a:redhat:enterprise_linux:satellite-installer, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_discovery, p-cpe:/a:redhat:enterprise_linux:python2-daemon, p-cpe:/a:redhat:enterprise_linux:python-isodate, p-cpe:/a:redhat:enterprise_linux:katello-debug, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_dhcp_remote_isc, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_dns_infoblox, p-cpe:/a:redhat:enterprise_linux:pulp-puppet-admin-extensions, p-cpe:/a:redhat:enterprise_linux:python-kid, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http-cookie, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ethon, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rbovirt, p-cpe:/a:redhat:enterprise_linux:python-oauth2, p-cpe:/a:redhat:enterprise_linux:puppet-agent, p-cpe:/a:redhat:enterprise_linux:pycairo, p-cpe:/a:redhat:enterprise_linux:python2-nectar, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-graphql-batch, p-cpe:/a:redhat:enterprise_linux:python2-jinja2, p-cpe:/a:redhat:enterprise_linux:pygobject3, p-cpe:/a:redhat:enterprise_linux:katello-client-bootstrap, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_pulp, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_virt_who_configure, p-cpe:/a:redhat:enterprise_linux:python-pulp-common, p-cpe:/a:redhat:enterprise_linux:python2-django, p-cpe:/a:redhat:enterprise_linux:python2-billiard, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-turbolinks, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redhat_access, p-cpe:/a:redhat:enterprise_linux:python2-ptyprocess, p-cpe:/a:redhat:enterprise_linux:rubygem-faraday, p-cpe:/a:redhat:enterprise_linux:python2-amqp, p-cpe:/a:redhat:enterprise_linux:rubygem-kafo_parsers, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:saslwrapper, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-tasks-core, p-cpe:/a:redhat:enterprise_linux:ostree, p-cpe:/a:redhat:enterprise_linux:python-pulp-streamer, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-facter, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http, p-cpe:/a:redhat:enterprise_linux:python-pulp-client-lib, p-cpe:/a:redhat:enterprise_linux:python-pulp-integrity, p-cpe:/a:redhat:enterprise_linux:libmodulemd, p-cpe:/a:redhat:enterprise_linux:foreman-proxy-content, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-representable, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-rails, p-cpe:/a:redhat:enterprise_linux:python-amqp, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-daemons, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-jwt, p-cpe:/a:redhat:enterprise_linux:python2-markupsafe, p-cpe:/a:redhat:enterprise_linux:python-pulp-rpm-common, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_templates, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_openscap, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_bootdisk, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-validates_lengths_from_database, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activerecord-session_store, p-cpe:/a:redhat:enterprise_linux:rubygem-netrc, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hashie, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-typhoeus, p-cpe:/a:redhat:enterprise_linux:candlepin, p-cpe:/a:redhat:enterprise_linux:python-imgcreate, p-cpe:/a:redhat:enterprise_linux:rubygem-hashie, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_kubevirt, p-cpe:/a:redhat:enterprise_linux:foreman-rackspace, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-rack, p-cpe:/a:redhat:enterprise_linux:pcp-mmvstatsd, p-cpe:/a:redhat:enterprise_linux:rubygem-openscap, p-cpe:/a:redhat:enterprise_linux:pulp-maintenance, p-cpe:/a:redhat:enterprise_linux:rubygem-powerbar, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-tasks, p-cpe:/a:redhat:enterprise_linux:pulp-rpm-plugins, p-cpe:/a:redhat:enterprise_linux:python-gofer-qpid, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-robotex, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-powerbar, p-cpe:/a:redhat:enterprise_linux:python-mongoengine, p-cpe:/a:redhat:enterprise_linux:rubygem-rkerberos, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-libvirt, p-cpe:/a:redhat:enterprise_linux:rubygem-infoblox, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-graphql, p-cpe:/a:redhat:enterprise_linux:python-zope-interface, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-angular-rails-templates, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-activemodel, p-cpe:/a:redhat:enterprise_linux:rubygem-rubyipmi, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_dynflow, p-cpe:/a:redhat:enterprise_linux:python2-flask, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-declarative, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_openscap, p-cpe:/a:redhat:enterprise_linux:rubygem-multipart-post, p-cpe:/a:redhat:enterprise_linux:ansiblerole-insights-client, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http-form_data, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mini_mime, p-cpe:/a:redhat:enterprise_linux:pulp-katello, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-text, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_docker, p-cpe:/a:redhat:enterprise_linux:pulp-rpm-admin-extensions, p-cpe:/a:redhat:enterprise_linux:python2-gobject-base, p-cpe:/a:redhat:enterprise_linux:foreman-discovery-image, p-cpe:/a:redhat:enterprise_linux:rubygem-facter, p-cpe:/a:redhat:enterprise_linux:foreman-bootloaders-redhat-tftpboot, p-cpe:/a:redhat:enterprise_linux:rubygem-tilt, p-cpe:/a:redhat:enterprise_linux:python2-celery, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-responders, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-nio4r, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sequel, p-cpe:/a:redhat:enterprise_linux:python-celery, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mustermann, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ffi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-addressable, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-faraday, p-cpe:/a:redhat:enterprise_linux:pulp-rpm, p-cpe:/a:redhat:enterprise_linux:python-markupsafe, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_remote_execution, p-cpe:/a:redhat:enterprise_linux:libsolv, p-cpe:/a:redhat:enterprise_linux:satellite-common, p-cpe:/a:redhat:enterprise_linux:pulp-selinux, p-cpe:/a:redhat:enterprise_linux:python-vine, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby2ruby, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-friendly_id, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-actionview, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-vsphere, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-activesupport, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-journald-logger, p-cpe:/a:redhat:enterprise_linux:python-pymongo, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-concurrent-ruby, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-websocket-driver, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-openstack, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-rackspace, p-cpe:/a:redhat:enterprise_linux:hfsplus-tools, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-jgrep, p-cpe:/a:redhat:enterprise_linux:rubygem-rest-client, p-cpe:/a:redhat:enterprise_linux:foreman-bootloaders-redhat, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-activestorage, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-highline, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mime-types-data, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unicode-display_width, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-anemone, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-i18n, p-cpe:/a:redhat:enterprise_linux:candlepin-selinux, p-cpe:/a:redhat:enterprise_linux:rubygem-rsec, p-cpe:/a:redhat:enterprise_linux:python-django, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-googleauth, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-css_parser, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-tzinfo, p-cpe:/a:redhat:enterprise_linux:python-ptyprocess, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-zest, p-cpe:/a:redhat:enterprise_linux:python2-gobject, p-cpe:/a:redhat:enterprise_linux:python2-kombu, p-cpe:/a:redhat:enterprise_linux:pulp-ostree-plugins, p-cpe:/a:redhat:enterprise_linux:pulp-docker, p-cpe:/a:redhat:enterprise_linux:createrepo_c-libs, p-cpe:/a:redhat:enterprise_linux:python-okaara, p-cpe:/a:redhat:enterprise_linux:python-pulp-puppet-common, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-arel, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-bindings, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-globalid, p-cpe:/a:redhat:enterprise_linux:pulp-nodes-child, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activerecord-import, p-cpe:/a:redhat:enterprise_linux:python-werkzeug, p-cpe:/a:redhat:enterprise_linux:python-pulp-oid_validation, p-cpe:/a:redhat:enterprise_linux:rubygem-bundler_ext, p-cpe:/a:redhat:enterprise_linux:pulp-docker-plugins, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-kubeclient, p-cpe:/a:redhat:enterprise_linux:tfm-runtime, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-little-plugger, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-rack-protection, p-cpe:/a:redhat:enterprise_linux:python2-twisted, p-cpe:/a:redhat:enterprise_linux:python-gofer, p-cpe:/a:redhat:enterprise_linux:python-anyjson, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_remote_execution_ssh, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-rails-html-sanitizer, p-cpe:/a:redhat:enterprise_linux:python-billiard, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-thor, p-cpe:/a:redhat:enterprise_linux:foreman-proxy, p-cpe:/a:redhat:enterprise_linux:python2-solv, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-logging, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:python-semantic_version, p-cpe:/a:redhat:enterprise_linux:python-pulp-agent-lib, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rainbow, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-quantile, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-os, p-cpe:/a:redhat:enterprise_linux:python-pulp-repoauth, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-thread_safe, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_ansible, p-cpe:/a:redhat:enterprise_linux:rubygem-jwt, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-parse-cron, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_ansible, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-awesome_print, p-cpe:/a:redhat:enterprise_linux:future, p-cpe:/a:redhat:enterprise_linux:python-pulp-bindings, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-sprockets, p-cpe:/a:redhat:enterprise_linux:kobo, p-cpe:/a:redhat:enterprise_linux:rubygem-journald-native, p-cpe:/a:redhat:enterprise_linux:ansiblerole-foreman_scap_client, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_admin, p-cpe:/a:redhat:enterprise_linux:qpid-proton-c, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_discovery, p-cpe:/a:redhat:enterprise_linux:foreman-openstack, p-cpe:/a:redhat:enterprise_linux:python-qpid-proton, p-cpe:/a:redhat:enterprise_linux:python-pulp-docker-common, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_openscap, p-cpe:/a:redhat:enterprise_linux:tfm, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-server-linearstore, p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-router, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-aws, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-algebrick, p-cpe:/a:redhat:enterprise_linux:pulp-ostree-admin-extensions, p-cpe:/a:redhat:enterprise_linux:pulp-puppet-plugins, p-cpe:/a:redhat:enterprise_linux:python-flask, p-cpe:/a:redhat:enterprise_linux:python-itsdangerous, p-cpe:/a:redhat:enterprise_linux:pulp-puppet, p-cpe:/a:redhat:enterprise_linux:python-qpid, p-cpe:/a:redhat:enterprise_linux:katello-certs-tools, p-cpe:/a:redhat:enterprise_linux:foreman-debug, p-cpe:/a:redhat:enterprise_linux:rubygem-foreman_scap_client, p-cpe:/a:redhat:enterprise_linux:python2-pycurl, p-cpe:/a:redhat:enterprise_linux:python2-crane, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution_core, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ssh, p-cpe:/a:redhat:enterprise_linux:satellite-capsule, p-cpe:/a:redhat:enterprise_linux:foreman-installer-katello, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-logging-journald, p-cpe:/a:redhat:enterprise_linux:rubygem-clamp, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby-libvirt, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_theme_satellite, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-runtime, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_kubevirt, p-cpe:/a:redhat:enterprise_linux:tfm-ror52, p-cpe:/a:redhat:enterprise_linux:python-pexpect, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ldap, p-cpe:/a:redhat:enterprise_linux:foreman-cli, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-prometheus-client, p-cpe:/a:redhat:enterprise_linux:pulp-admin-client, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-actionpack, p-cpe:/a:redhat:enterprise_linux:pulp-puppet-tools, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deacon, cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:python-pulp-ostree-common, p-cpe:/a:redhat:enterprise_linux:qpid-cpp, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-formatador, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ovirt_provision_plugin, p-cpe:/a:redhat:enterprise_linux:rubygem-kafo, p-cpe:/a:redhat:enterprise_linux:qpid-qmf, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unicode, p-cpe:/a:redhat:enterprise_linux:satellite-cli, p-cpe:/a:redhat:enterprise_linux:python2-isodate, p-cpe:/a:redhat:enterprise_linux:rubygem-rb-inotify, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-websocket-extensions, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deface, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-clamp, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pg, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-will_paginate, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-optimist, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-x-editable-rails, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_docker, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unf_ext, p-cpe:/a:redhat:enterprise_linux:redhat-access-insights-puppet, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ancestry, p-cpe:/a:redhat:enterprise_linux:pulp, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-nokogiri, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-tilt, p-cpe:/a:redhat:enterprise_linux:python-click, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mime-types, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-mini_portile2, p-cpe:/a:redhat:enterprise_linux:rubygem-ffi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-signet, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-google-api-client, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_discovery, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-activerecord, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-get_process_mem, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-oauth, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-params, p-cpe:/a:redhat:enterprise_linux:python2-lockfile, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_discovery_image, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ovirt-engine-sdk, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-multi_json, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-locale, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-safemode, p-cpe:/a:redhat:enterprise_linux:foreman-postgresql, p-cpe:/a:redhat:enterprise_linux:rubygem-multi_json, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rails-i18n, p-cpe:/a:redhat:enterprise_linux:satellite-debug-tools, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-sinatra, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-coffee-script-source, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-runcible, p-cpe:/a:redhat:enterprise_linux:python-jinja2, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-loofah, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redhat_access_lib, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack-cors, p-cpe:/a:redhat:enterprise_linux:libwebsockets, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unf, p-cpe:/a:redhat:enterprise_linux:rubygem-rack-protection, p-cpe:/a:redhat:enterprise_linux:foreman-installer, p-cpe:/a:redhat:enterprise_linux:puppetserver, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-audited, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rbvmomi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-diffy, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-builder, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-actionmailer, p-cpe:/a:redhat:enterprise_linux:rubygem-logging-journald, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-statsd-instrument, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-client, p-cpe:/a:redhat:enterprise_linux:foreman-proxy-journald, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-recursive-open-struct, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-public_suffix, p-cpe:/a:redhat:enterprise_linux:repoview, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_tasks, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-core, p-cpe:/a:redhat:enterprise_linux:pulp-server, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-ovirt, p-cpe:/a:redhat:enterprise_linux:mod_xsendfile, p-cpe:/a:redhat:enterprise_linux:tfm-ror52-rubygem-railties, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-secure_headers, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-record_tag_helper, p-cpe:/a:redhat:enterprise_linux:python-simplejson, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-xml, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_virt_who_configure, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-httpclient
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 10/22/2019
Vulnerability Publication Date: 10/23/2017
Reference Information
CVE: CVE-2016-10516, CVE-2016-10745, CVE-2018-1000632, CVE-2018-16470, CVE-2019-10198, CVE-2019-10906, CVE-2019-12387, CVE-2019-14825, CVE-2019-3893