RHEL 7 : Red Hat CloudForms (RHSA-2017:3005)

high Nessus Plugin ID 194022

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3005 advisory.

Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.

The following packages have been upgraded to a later upstream version: ansible-tower (3.1.5), cfme (5.8.2.3), cfme-appliance (5.8.2.3), cfme-gemset (5.8.2.3), rabbitmq-server (3.6.9), rh-ruby23-rubygem- nokogiri (1.8.1), supervisor (3.1.4). (BZ#1476286, BZ#1485484)

Security Fix(es):

* A flaw was found in Tower's interface with SCM repositories. If a Tower project (SCM repository) definition does not have the 'delete before update' flag set, an attacker with commit access to the upstream playbook source repository could create a Trojan playbook that, when executed by Tower, modifies the checked out SCM repository to add git hooks. These git hooks could, in turn, cause arbitrary command and code execution as the user Tower runs as. (CVE-2017-12148)

* A vulnerability was found in the XML-RPC interface in supervisord. When processing malformed commands, an attacker can cause arbitrary shell commands to be executed on the server as the same user as supervisord. Exploitation requires the attacker to first be authenticated to the supervisord service.
(CVE-2017-11610)

The CVE-2017-12148 issue was discovered by Ryan Petrello (Red Hat).

Additional Changes:

This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://access.redhat.com/security/updates/classification/#important

http://www.nessus.org/u?6dfc9c38

https://bugzilla.redhat.com/show_bug.cgi?id=1439650

https://bugzilla.redhat.com/show_bug.cgi?id=1459987

https://bugzilla.redhat.com/show_bug.cgi?id=1459996

https://bugzilla.redhat.com/show_bug.cgi?id=1460754

https://bugzilla.redhat.com/show_bug.cgi?id=1461061

https://bugzilla.redhat.com/show_bug.cgi?id=1465087

https://bugzilla.redhat.com/show_bug.cgi?id=1465089

https://bugzilla.redhat.com/show_bug.cgi?id=1471709

https://bugzilla.redhat.com/show_bug.cgi?id=1476143

https://bugzilla.redhat.com/show_bug.cgi?id=1477194

https://bugzilla.redhat.com/show_bug.cgi?id=1477616

https://bugzilla.redhat.com/show_bug.cgi?id=1477701

https://bugzilla.redhat.com/show_bug.cgi?id=1477702

https://bugzilla.redhat.com/show_bug.cgi?id=1478367

https://bugzilla.redhat.com/show_bug.cgi?id=1478372

https://bugzilla.redhat.com/show_bug.cgi?id=1478379

https://bugzilla.redhat.com/show_bug.cgi?id=1478391

https://bugzilla.redhat.com/show_bug.cgi?id=1478398

https://bugzilla.redhat.com/show_bug.cgi?id=1478400

https://bugzilla.redhat.com/show_bug.cgi?id=1478406

https://bugzilla.redhat.com/show_bug.cgi?id=1478407

https://bugzilla.redhat.com/show_bug.cgi?id=1478409

https://bugzilla.redhat.com/show_bug.cgi?id=1478415

https://bugzilla.redhat.com/show_bug.cgi?id=1478418

https://bugzilla.redhat.com/show_bug.cgi?id=1478421

https://bugzilla.redhat.com/show_bug.cgi?id=1478428

https://bugzilla.redhat.com/show_bug.cgi?id=1478429

https://bugzilla.redhat.com/show_bug.cgi?id=1478434

https://bugzilla.redhat.com/show_bug.cgi?id=1478435

https://bugzilla.redhat.com/show_bug.cgi?id=1478436

https://bugzilla.redhat.com/show_bug.cgi?id=1478506

https://bugzilla.redhat.com/show_bug.cgi?id=1478508

https://bugzilla.redhat.com/show_bug.cgi?id=1478510

https://bugzilla.redhat.com/show_bug.cgi?id=1478513

https://bugzilla.redhat.com/show_bug.cgi?id=1478515

https://bugzilla.redhat.com/show_bug.cgi?id=1478523

https://bugzilla.redhat.com/show_bug.cgi?id=1478526

https://bugzilla.redhat.com/show_bug.cgi?id=1478527

https://bugzilla.redhat.com/show_bug.cgi?id=1478529

https://bugzilla.redhat.com/show_bug.cgi?id=1478532

https://bugzilla.redhat.com/show_bug.cgi?id=1478535

https://bugzilla.redhat.com/show_bug.cgi?id=1478542

https://bugzilla.redhat.com/show_bug.cgi?id=1478544

https://bugzilla.redhat.com/show_bug.cgi?id=1478554

https://bugzilla.redhat.com/show_bug.cgi?id=1478557

https://bugzilla.redhat.com/show_bug.cgi?id=1478558

https://bugzilla.redhat.com/show_bug.cgi?id=1478560

https://bugzilla.redhat.com/show_bug.cgi?id=1478562

https://bugzilla.redhat.com/show_bug.cgi?id=1478563

https://bugzilla.redhat.com/show_bug.cgi?id=1478565

https://bugzilla.redhat.com/show_bug.cgi?id=1478568

https://bugzilla.redhat.com/show_bug.cgi?id=1478571

https://bugzilla.redhat.com/show_bug.cgi?id=1479367

https://bugzilla.redhat.com/show_bug.cgi?id=1479405

https://bugzilla.redhat.com/show_bug.cgi?id=1479407

https://bugzilla.redhat.com/show_bug.cgi?id=1479409

https://bugzilla.redhat.com/show_bug.cgi?id=1479414

https://bugzilla.redhat.com/show_bug.cgi?id=1479423

https://bugzilla.redhat.com/show_bug.cgi?id=1479437

https://bugzilla.redhat.com/show_bug.cgi?id=1479453

https://bugzilla.redhat.com/show_bug.cgi?id=1479454

https://bugzilla.redhat.com/show_bug.cgi?id=1479478

https://bugzilla.redhat.com/show_bug.cgi?id=1479481

https://bugzilla.redhat.com/show_bug.cgi?id=1479802

https://bugzilla.redhat.com/show_bug.cgi?id=1479805

https://bugzilla.redhat.com/show_bug.cgi?id=1479886

https://bugzilla.redhat.com/show_bug.cgi?id=1479917

https://bugzilla.redhat.com/show_bug.cgi?id=1479920

https://bugzilla.redhat.com/show_bug.cgi?id=1479922

https://bugzilla.redhat.com/show_bug.cgi?id=1479923

https://bugzilla.redhat.com/show_bug.cgi?id=1479924

https://bugzilla.redhat.com/show_bug.cgi?id=1479925

https://bugzilla.redhat.com/show_bug.cgi?id=1479926

https://bugzilla.redhat.com/show_bug.cgi?id=1479927

https://bugzilla.redhat.com/show_bug.cgi?id=1479929

https://bugzilla.redhat.com/show_bug.cgi?id=1479931

https://bugzilla.redhat.com/show_bug.cgi?id=1479935

https://bugzilla.redhat.com/show_bug.cgi?id=1479937

https://bugzilla.redhat.com/show_bug.cgi?id=1479938

https://bugzilla.redhat.com/show_bug.cgi?id=1479941

https://bugzilla.redhat.com/show_bug.cgi?id=1479943

https://bugzilla.redhat.com/show_bug.cgi?id=1479944

https://bugzilla.redhat.com/show_bug.cgi?id=1479959

https://bugzilla.redhat.com/show_bug.cgi?id=1479972

https://bugzilla.redhat.com/show_bug.cgi?id=1479976

https://bugzilla.redhat.com/show_bug.cgi?id=1479978

https://bugzilla.redhat.com/show_bug.cgi?id=1479991

https://bugzilla.redhat.com/show_bug.cgi?id=1479993

https://bugzilla.redhat.com/show_bug.cgi?id=1479994

https://bugzilla.redhat.com/show_bug.cgi?id=1480000

https://bugzilla.redhat.com/show_bug.cgi?id=1480001

https://bugzilla.redhat.com/show_bug.cgi?id=1480002

https://bugzilla.redhat.com/show_bug.cgi?id=1480007

https://bugzilla.redhat.com/show_bug.cgi?id=1480008

https://bugzilla.redhat.com/show_bug.cgi?id=1480286

https://bugzilla.redhat.com/show_bug.cgi?id=1480377

https://bugzilla.redhat.com/show_bug.cgi?id=1480586

https://bugzilla.redhat.com/show_bug.cgi?id=1480588

https://bugzilla.redhat.com/show_bug.cgi?id=1480589

https://bugzilla.redhat.com/show_bug.cgi?id=1480654

https://bugzilla.redhat.com/show_bug.cgi?id=1480734

https://bugzilla.redhat.com/show_bug.cgi?id=1481296

https://bugzilla.redhat.com/show_bug.cgi?id=1481436

https://bugzilla.redhat.com/show_bug.cgi?id=1481437

https://bugzilla.redhat.com/show_bug.cgi?id=1481439

https://bugzilla.redhat.com/show_bug.cgi?id=1481442

https://bugzilla.redhat.com/show_bug.cgi?id=1481445

https://bugzilla.redhat.com/show_bug.cgi?id=1481449

https://bugzilla.redhat.com/show_bug.cgi?id=1481450

https://bugzilla.redhat.com/show_bug.cgi?id=1481845

https://bugzilla.redhat.com/show_bug.cgi?id=1481846

https://bugzilla.redhat.com/show_bug.cgi?id=1481849

https://bugzilla.redhat.com/show_bug.cgi?id=1481851

https://bugzilla.redhat.com/show_bug.cgi?id=1481853

https://bugzilla.redhat.com/show_bug.cgi?id=1482131

https://bugzilla.redhat.com/show_bug.cgi?id=1482136

https://bugzilla.redhat.com/show_bug.cgi?id=1482148

https://bugzilla.redhat.com/show_bug.cgi?id=1482170

https://bugzilla.redhat.com/show_bug.cgi?id=1482666

https://bugzilla.redhat.com/show_bug.cgi?id=1482667

https://bugzilla.redhat.com/show_bug.cgi?id=1482668

https://bugzilla.redhat.com/show_bug.cgi?id=1482669

https://bugzilla.redhat.com/show_bug.cgi?id=1482670

https://bugzilla.redhat.com/show_bug.cgi?id=1484373

https://bugzilla.redhat.com/show_bug.cgi?id=1484374

https://bugzilla.redhat.com/show_bug.cgi?id=1484385

https://bugzilla.redhat.com/show_bug.cgi?id=1484424

https://bugzilla.redhat.com/show_bug.cgi?id=1484539

https://bugzilla.redhat.com/show_bug.cgi?id=1484548

https://bugzilla.redhat.com/show_bug.cgi?id=1484608

https://bugzilla.redhat.com/show_bug.cgi?id=1484613

https://bugzilla.redhat.com/show_bug.cgi?id=1484895

https://bugzilla.redhat.com/show_bug.cgi?id=1484901

https://bugzilla.redhat.com/show_bug.cgi?id=1484904

https://bugzilla.redhat.com/show_bug.cgi?id=1484956

https://bugzilla.redhat.com/show_bug.cgi?id=1484984

https://bugzilla.redhat.com/show_bug.cgi?id=1485474

https://bugzilla.redhat.com/show_bug.cgi?id=1486351

https://bugzilla.redhat.com/show_bug.cgi?id=1486474

https://bugzilla.redhat.com/show_bug.cgi?id=1487283

https://bugzilla.redhat.com/show_bug.cgi?id=1487320

https://bugzilla.redhat.com/show_bug.cgi?id=1487689

https://bugzilla.redhat.com/show_bug.cgi?id=1488967

https://bugzilla.redhat.com/show_bug.cgi?id=1489974

https://bugzilla.redhat.com/show_bug.cgi?id=1491310

https://bugzilla.redhat.com/show_bug.cgi?id=1492840

https://bugzilla.redhat.com/show_bug.cgi?id=1493207

https://bugzilla.redhat.com/show_bug.cgi?id=1494561

https://bugzilla.redhat.com/show_bug.cgi?id=1496912

https://bugzilla.redhat.com/show_bug.cgi?id=1496946

https://bugzilla.redhat.com/show_bug.cgi?id=1497746

https://bugzilla.redhat.com/show_bug.cgi?id=1497817

https://bugzilla.redhat.com/show_bug.cgi?id=1497835

https://bugzilla.redhat.com/show_bug.cgi?id=1498230

https://bugzilla.redhat.com/show_bug.cgi?id=1498556

https://bugzilla.redhat.com/show_bug.cgi?id=1499868

https://bugzilla.redhat.com/show_bug.cgi?id=1500049

https://bugzilla.redhat.com/show_bug.cgi?id=1500051

https://bugzilla.redhat.com/show_bug.cgi?id=1500053

https://bugzilla.redhat.com/show_bug.cgi?id=1502738

http://www.nessus.org/u?1e1dc181

https://access.redhat.com/errata/RHSA-2017:3005

Plugin Details

Severity: High

ID: 194022

File Name: redhat-RHSA-2017-3005.nasl

Version: 1.2

Type: local

Agent: unix

Published: 4/27/2024

Updated: 6/3/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2017-12148

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

CVSS Score Source: CVE-2017-11610

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:ansible-tower-server, cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:supervisor, p-cpe:/a:redhat:enterprise_linux:cfme-appliance, p-cpe:/a:redhat:enterprise_linux:cfme-gemset, p-cpe:/a:redhat:enterprise_linux:ansible-tower-setup, p-cpe:/a:redhat:enterprise_linux:cfme, p-cpe:/a:redhat:enterprise_linux:rabbitmq-server, p-cpe:/a:redhat:enterprise_linux:rh-ruby23-rubygem-nokogiri, p-cpe:/a:redhat:enterprise_linux:rh-ruby23-rubygem-nokogiri-doc

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/24/2017

Vulnerability Publication Date: 7/24/2017

Exploitable With

Metasploit (Supervisor XML-RPC Authenticated Remote Code Execution)

Reference Information

CVE: CVE-2017-11610, CVE-2017-12148

CWE: 20, 77

RHSA: 2017:3005