Detections
Analytics

RHEL 8 : OpenShift Container Platform 4.9.56 (RHSA-2023:0777)

critical Nessus Plugin ID 193747

Language:

Synopsis

The remote Red Hat host is missing one or more security updates for OpenShift Container Platform 4.9.56.

Description

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0777 advisory.

 Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

 This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.56. See the following advisory for the container images for this release:

 https://access.redhat.com/errata/RHSA-2023:0778

 Security Fix(es):

 * jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43401)

 * jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)

 * jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43403)

 * jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43404)

 * jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin (CVE-2022-43405)

 * jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)

 * google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization (CVE-2020-7692)

 * SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)

 * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)

 * jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)

 * mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)

 * jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions (CVE-2022-45379)

 * jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2022-45380)

 * jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin (CVE-2022-45381)

 * http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)

 * Jenkins plugin: CSRF vulnerability in Script Security Plugin (CVE-2022-30946)

 * Jenkins plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin (CVE-2022-30952)

 * Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)

 * Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)

 * jenkins: Observable timing discrepancy allows determining username validity (CVE-2022-34174)

 * jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git (CVE-2022-36882)

 * jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36883)

 * jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36884)

 * jenkins plugin: Non-constant time webhook signature comparison in GitHub Plugin (CVE-2022-36885)

 * jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)

 * jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin (CVE-2022-43409)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

 All OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL OpenShift Container Platform 4.9.56 package based on the guidance in RHSA-2023:0777.

See Also

http://www.nessus.org/u?892193cb

https://access.redhat.com/security/updates/classification/#critical

http://www.nessus.org/u?fc25b68c

https://bugzilla.redhat.com/show_bug.cgi?id=1856376

https://bugzilla.redhat.com/show_bug.cgi?id=2116840

https://bugzilla.redhat.com/show_bug.cgi?id=2116952

https://bugzilla.redhat.com/show_bug.cgi?id=2119643

https://bugzilla.redhat.com/show_bug.cgi?id=2119645

https://bugzilla.redhat.com/show_bug.cgi?id=2119646

https://bugzilla.redhat.com/show_bug.cgi?id=2119647

https://bugzilla.redhat.com/show_bug.cgi?id=2119653

https://bugzilla.redhat.com/show_bug.cgi?id=2119656

https://bugzilla.redhat.com/show_bug.cgi?id=2119657

https://bugzilla.redhat.com/show_bug.cgi?id=2119658

https://bugzilla.redhat.com/show_bug.cgi?id=2126789

https://bugzilla.redhat.com/show_bug.cgi?id=2136370

https://bugzilla.redhat.com/show_bug.cgi?id=2136374

https://bugzilla.redhat.com/show_bug.cgi?id=2136379

https://bugzilla.redhat.com/show_bug.cgi?id=2136381

https://bugzilla.redhat.com/show_bug.cgi?id=2136382

https://bugzilla.redhat.com/show_bug.cgi?id=2136383

https://bugzilla.redhat.com/show_bug.cgi?id=2136386

https://bugzilla.redhat.com/show_bug.cgi?id=2136388

https://bugzilla.redhat.com/show_bug.cgi?id=2136391

https://bugzilla.redhat.com/show_bug.cgi?id=2143086

https://bugzilla.redhat.com/show_bug.cgi?id=2143089

https://bugzilla.redhat.com/show_bug.cgi?id=2143090

https://bugzilla.redhat.com/show_bug.cgi?id=2145194

https://bugzilla.redhat.com/show_bug.cgi?id=2150009

https://access.redhat.com/errata/RHSA-2023:0777

Plugin Details

Severity: Critical

ID: 193747

File Name: redhat-RHSA-2023-0777.nasl

Version: 1.1

Type: local

Agent: unix

Published: 4/23/2024

Updated: 11/7/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

Vendor

Vendor Severity: Critical

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2020-7692

CVSS v3

Risk Factor: Critical

Base Score: 9.9

Temporal Score: 8.9

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2022-43406

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:jenkins-2-plugins, cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:redhat:enterprise_linux:jenkins

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/23/2023

Vulnerability Publication Date: 7/9/2020

Reference Information

CVE: CVE-2020-7692, CVE-2022-1471, CVE-2022-2048, CVE-2022-25857, CVE-2022-30946, CVE-2022-30952, CVE-2022-30953, CVE-2022-30954, CVE-2022-34174, CVE-2022-36882, CVE-2022-36883, CVE-2022-36884, CVE-2022-36885, CVE-2022-43401, CVE-2022-43402, CVE-2022-43403, CVE-2022-43404, CVE-2022-43405, CVE-2022-43406, CVE-2022-43407, CVE-2022-43408, CVE-2022-43409, CVE-2022-45047, CVE-2022-45379, CVE-2022-45380, CVE-2022-45381

CWE: 200, 208, 22, 328, 352, 358, 400, 410, 502, 668, 693, 79, 838, 862

RHSA: 2023:0777