https://bugzilla.redhat.com/show_bug.cgi?id=2278710
https://bugzilla.redhat.com/show_bug.cgi?id=2279476
https://bugzilla.redhat.com/show_bug.cgi?id=2282114
https://issues.redhat.com/browse/AAH-3111
https://issues.redhat.com/browse/AAP-22461
http://www.nessus.org/u?83d655b3
https://access.redhat.com/errata/RHSA-2024:3781
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2250765
https://bugzilla.redhat.com/show_bug.cgi?id=2255331
https://bugzilla.redhat.com/show_bug.cgi?id=2259479
https://bugzilla.redhat.com/show_bug.cgi?id=2266045
https://bugzilla.redhat.com/show_bug.cgi?id=2268017
https://bugzilla.redhat.com/show_bug.cgi?id=2268019
https://bugzilla.redhat.com/show_bug.cgi?id=2268273
https://bugzilla.redhat.com/show_bug.cgi?id=2269576
https://bugzilla.redhat.com/show_bug.cgi?id=2269617
https://bugzilla.redhat.com/show_bug.cgi?id=2270236
https://bugzilla.redhat.com/show_bug.cgi?id=2272563
https://bugzilla.redhat.com/show_bug.cgi?id=2274779
https://bugzilla.redhat.com/show_bug.cgi?id=2275106
https://bugzilla.redhat.com/show_bug.cgi?id=2275280
https://bugzilla.redhat.com/show_bug.cgi?id=2275989
Severity: High
ID: 200272
File Name: redhat-RHSA-2024-3781.nasl
Version: 1.2
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 6/10/2024
Updated: 11/7/2024
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Factor: Medium
Score: 5.9
Vendor Severity: Moderate
Risk Factor: High
Base Score: 7.6
Temporal Score: 6
Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2023-50447
Risk Factor: High
Base Score: 8.1
Temporal Score: 7.3
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Risk Factor: High
Base Score: 8.9
Threat Score: 8.9
Threat Vector: CVSS:4.0/E:P
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score Source: CVE-2023-49083
CPE: p-cpe:/a:redhat:enterprise_linux:python3-requests, p-cpe:/a:redhat:enterprise_linux:python3x-aiohttp, p-cpe:/a:redhat:enterprise_linux:python3-black, p-cpe:/a:redhat:enterprise_linux:python3-pydantic, p-cpe:/a:redhat:enterprise_linux:python3x-idna, p-cpe:/a:redhat:enterprise_linux:python3x-black, p-cpe:/a:redhat:enterprise_linux:python-pillow, p-cpe:/a:redhat:enterprise_linux:python-galaxy-ng, p-cpe:/a:redhat:enterprise_linux:python3x-cryptography, cpe:/o:redhat:enterprise_linux:9, p-cpe:/a:redhat:enterprise_linux:python3x-requests, p-cpe:/a:redhat:enterprise_linux:python-black, p-cpe:/a:redhat:enterprise_linux:python3x-galaxy-ng, p-cpe:/a:redhat:enterprise_linux:receptor, p-cpe:/a:redhat:enterprise_linux:automation-controller-venv-tower, p-cpe:/a:redhat:enterprise_linux:python-jinja2, p-cpe:/a:redhat:enterprise_linux:python-requests, p-cpe:/a:redhat:enterprise_linux:python39-social-auth-app-django, p-cpe:/a:redhat:enterprise_linux:python3x-jinja2, cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:redhat:enterprise_linux:python-sqlparse, p-cpe:/a:redhat:enterprise_linux:python3x-pydantic, p-cpe:/a:redhat:enterprise_linux:python3-sqlparse, p-cpe:/a:redhat:enterprise_linux:python3x-sqlparse, p-cpe:/a:redhat:enterprise_linux:python39-aiohttp, p-cpe:/a:redhat:enterprise_linux:python3-aiohttp, p-cpe:/a:redhat:enterprise_linux:python3-social-auth-app-django, p-cpe:/a:redhat:enterprise_linux:python3-pillow, p-cpe:/a:redhat:enterprise_linux:python39-gunicorn, p-cpe:/a:redhat:enterprise_linux:python39-requests, p-cpe:/a:redhat:enterprise_linux:python3x-gunicorn, p-cpe:/a:redhat:enterprise_linux:python39-galaxy-ng, p-cpe:/a:redhat:enterprise_linux:python39-sqlparse, p-cpe:/a:redhat:enterprise_linux:python39-jinja2, p-cpe:/a:redhat:enterprise_linux:receptorctl, p-cpe:/a:redhat:enterprise_linux:python3-cryptography, p-cpe:/a:redhat:enterprise_linux:python-gunicorn, p-cpe:/a:redhat:enterprise_linux:python3x-social-auth-app-django, p-cpe:/a:redhat:enterprise_linux:python3-idna, p-cpe:/a:redhat:enterprise_linux:python-aiohttp, p-cpe:/a:redhat:enterprise_linux:python3-gunicorn, p-cpe:/a:redhat:enterprise_linux:python3-galaxy-ng, p-cpe:/a:redhat:enterprise_linux:python39-black, p-cpe:/a:redhat:enterprise_linux:python39-cryptography, p-cpe:/a:redhat:enterprise_linux:python39-idna, p-cpe:/a:redhat:enterprise_linux:python39-pillow, p-cpe:/a:redhat:enterprise_linux:python-cryptography, p-cpe:/a:redhat:enterprise_linux:python3x-pillow, p-cpe:/a:redhat:enterprise_linux:automation-hub, p-cpe:/a:redhat:enterprise_linux:python-social-auth-app-django, p-cpe:/a:redhat:enterprise_linux:python3-jinja2, p-cpe:/a:redhat:enterprise_linux:python39-pydantic, p-cpe:/a:redhat:enterprise_linux:python-pydantic, p-cpe:/a:redhat:enterprise_linux:python-idna
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 6/10/2024
Vulnerability Publication Date: 10/25/2023
CVE: CVE-2023-45288, CVE-2023-45290, CVE-2023-49083, CVE-2023-50447, CVE-2023-5752, CVE-2024-1135, CVE-2024-21503, CVE-2024-24783, CVE-2024-26130, CVE-2024-27306, CVE-2024-27351, CVE-2024-28219, CVE-2024-28849, CVE-2024-30251, CVE-2024-32879, CVE-2024-34064, CVE-2024-35195, CVE-2024-3651, CVE-2024-3772, CVE-2024-4340