SUSE SLES15 Security Update : SUSE Manager Proxy and Retail Branch Server 4.3 (SUSE-SU-2024:4006-1)

medium Nessus Plugin ID 212581

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4006-1 advisory.

cobbler:

- Security issues fixed:

* CVE-2024-47533: Prevent privilege escalation from none to admin (bsc#1231332)

- Other bugs fixed:

* Increase start timeout for cobblerd unit (bsc#1219450)
* Provide sync_single_system for DHCP modules to improve performance (bsc#1219450)
* Add input_string_*, input_boolean, input_int functions to public API
* Add new setting for Uyuni authentication endpoint (bsc#1219887)

grafana-formula:

- Version 0.11.0
* Add SLES 15 SP6 to supported versions (bsc#1228286)

inter-server-sync:

- Version 0.3.5-0
* Decode boolean values for export (bsc#1228545)

saltboot-formula:

- Update to version 0.1.1723628891.ffb1da5
* Rework request stop function to avoid unnecessary warnings (bsc#1212985)

spacecmd:

- Version 4.3.29-0
* Speed up softwarechannel_removepackages (bsc#1227606)

spacewalk-backend:

- Version 4.3.30-0
* Make ISSv1 timezone independent (bsc#1221505)
* reposync: introduce timeout when syncing DEB channels (bsc#1225960)
* yum_src: use the proper variable name for subprocess.TimeoutExpired
* Check and populate PTF attributes at the time of importing packages (bsc#1225619)
* reposync: import GPG keys to RPM DB individually (bsc#1217003)
* Add log string to the journal when services are stopped because of insufficient disk space

spacewalk-certs-tools:

- Version 4.3.26-0
* Fix private key format in jabberd certificate file (bsc#1228851)
* Fix parsing Authority Key Identifier when keyid is not prefixed (bsc#1229079)
* Support multiple certificates for root-ca-file and server-cert-file

spacewalk-client-tools:

- Version 4.3.21-0
* Update translation strings

spacewalk-config:

- Version 4.3.14-0
* Trust the Content-Length header from AJP (bsc#1226439)

spacewalk-java:

- Version 4.3.82-0
* Limit frontend-log message size (bsc#1231900)
- Version 4.3.81-0
* Add detection of Ubuntu 24.04
- Version 4.3.80-0
* Use custom select instead of errata view for better performance (bsc#1225619)
- Version 4.3.79-0
* Add info URL for cobbler to clean the system profile (bsc#1219645)
* Require correct scap packages for Ubuntu
* Require correct scap packages for Debian 12 (bsc#1227746)
* Fix finding system_checkin_threshold configuration value on Systems Overview page (bsc#1224108)
* Allow changing base channel to SUSE Liberty Linux LTSS when the system is on Liberty (bsc#1228326)
* Implement product migration from RHEL and Clones to SUSE Liberty Linux
* Remove system also from proxy SSH known_hosts (bsc#1228345)
* Fix NullPointerException when generating subscription matcher input (bsc#1228638)
* Allow free products and SUSE Manager Proxy to be managed by SUSE Manager Server PAYG
* Open bootstrap script directory URL in a new page (bsc#1225603)
* Delay package list refresh when Salt was updated (bsc#1217978)
* Add SLE Micro 5 to the list of systems which support monitoring (bsc#1227334)
* Add all SLE Micro systems to the list of systems which get PTF repositories
* Update last sync refresh timestamp only when products have been synced at least once before
* Prevent NullPointerException when listing history events without completion time (bsc#1146701)
* Autoinstallation: prevent issues with duplicate IP address due to some networks (bsc#1226461)
* Improve SQL queries and performance to check for PTF packages (bsc#1225619)
* Check the correct Salt package before product migration (bsc#1224209)
* Fix the date format output when using the HTTP API to use ISO 8601 format (bsc#1227543)
* Fix transactional update check for SL Micro (bsc#1227406)
* Improve score comparison in system search to fix ISE (bsc#1228412)
* Fix package profile update on CentOS 7 when yum-utils is not installed (bsc#1227133)

spacewalk-utils:

- Version 4.3.22-0
* Add repositories for Ubuntu 24.04 LTS
- Version 4.3.21-0
* Drop unsupported tool spacewalk-final-archive as it is broken and may disclose sensitive information (bsc#1228945)

spacewalk-web:

- Security issues fixed:

* Version 4.3.42-0
  + CVE-2024-49503: Escape organization credentials username to mitigate XSS vulnerability (bsc#1231922)
* Version 4.3.41-0
  + CVE-2024-49502: Validate proxy hostname format and escape proxy username to mitigate XSS vulnerabilities (bsc#1231852)

- Bugs fixed:

* Version 4.3.40-0
  + Fix channel selection using SSM (bsc#1226917)
  + Fix datetime selection when using maintenance windows (bsc#1228036)

susemanager:

- Version 4.3.39-0
* Enable bootstrapping for Ubuntu 24.04 LTS
- Version 4.3.38-0
* Add missing package python3-ply to bootstrap repo definition (bsc#1228130)
* Create special bootstrap data for SUSE Manager Server 4.3 with LTSS updates for Hub scenario (bsc#1211899)
* Add LTSS updates to SUSE Manager Proxy 4.3 bootstrap data
* Add traditional stack to bootstrap repo on sles15sp6 (bsc#1228147)
* Change package to libdbus-glib-1-2 on sle15sp6 (bsc#1228147)

susemanager-build-keys:

- Extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028. (bsc#1229339)

susemanager-docs_en:

- Documented Ubuntu 24.04 LTS as a supported client OS in Client
- SUSE Manager 4.3.14 documentation update
- In network ports section, deleted partially outdated image, added port 443 for clients, and removed Cobbler only used internally (bsc#1217338)
- Added installer-updates.suse.com to the list of URLs in Installation and Upgrade Guide (bsc#1229178)
- Enhanced instructions about the permissions for the IAM role in Public Cloud Guide
- Fixed OS minor number in Client Configuration Guide (bsc#1218090)
- Added warning about Package Hub (bsc#1221435)
- Removed Verify Packages section from Package Management chapter in Client Configuration Guide
- Added note about usernames in PAM section in Administration Guide (bsc#1227599)
- Updated Content Lifecycle Management (CLM) examples for Red Hat Enterprise Linux 9 (bsc#1226687)
- Added VM based proxy installation in Installation and Upgrade Guide
- Fixed PostgreSQL name entity
- Improved Large Deployments Guide with better tuning values and extra parameters added
- Updated lists of SUSE Linux Enterprise hardening profiles in openSCAP chapter in the Administration Guide

susemanager-schema:

- Version 4.3.27-0
* Introduce new attributes to detect PTF packages (bsc#1225619)

susemanager-sls:

- Version 4.3.45-0
* Start using DEB822 format for repository sources beginning with Ubuntu 24.04
- Version 4.3.44-0
* Speed-up mgrutil.remove_ssh_known_host runner (bsc#1223312)
* Implement product migration from RHEL and clones to SUSE Liberty Linux
* Disable transactional-update.timer on SLEM at bootstrap
* Explicitly remove old venv-minion environment when updating Python versions
* sumautil: properly detect bridge interfaces (bsc#1226461)
* Fix typo on directories to clean up when deleting a system (bsc#1228101)
* Translate GPG URL if it has server name and client behind proxy (bsc#1223988)
* Fix yum-utils package missing on CentOS7 minions (bsc#1227133)
* Implement IMDSv2 for AWS instance detection (bsc#1226090)
* Fix package profile update on CentOS 7 when yum-utils is not installed (bsc#1227133)
* Fix parsing passwords with special characters for PostgreSQL exporter

susemanager-sync-data:

- Version 4.3.21-0
* Add SLES15-SP5-LTSS channel families
* Add MicroOS PPC channel family
- Version 4.3.20-0
* Add Ubuntu 24.04 support
- Version 4.3.19-0
* Fix CentOS 7 repo urls (bsc#1227526)
* Add channel family for SLES 12 SP5 LTSS Extended Security
* Implement product migration from RHEL and clones to SUSE Liberty Linux

uyuni-common-libs:

- Version 4.3.11-0
* Enforce directory permissions at repo-sync when creating directories (bsc#1229260)
* Make ISSv1 timezone independent (bsc#1221505)

uyuni-reportdb-schema:

- Version 4.3.11-0
* Change Errata CVE column to type text as a varchar reaches the maximum (bsc#1226478)

How to apply this update:

1. Log in as root user to the SUSE Manager Server.
2. Stop the Spacewalk service:
`spacewalk-service stop`
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service:
`spacewalk-service start`

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1231332

https://www.suse.com/security/cve/CVE-2024-47533

https://bugzilla.suse.com/1146701

https://bugzilla.suse.com/1211899

https://bugzilla.suse.com/1212985

https://bugzilla.suse.com/1217003

https://bugzilla.suse.com/1217338

https://bugzilla.suse.com/1217978

https://bugzilla.suse.com/1218090

https://bugzilla.suse.com/1219450

https://bugzilla.suse.com/1219645

https://bugzilla.suse.com/1219887

https://bugzilla.suse.com/1221435

https://bugzilla.suse.com/1221505

https://bugzilla.suse.com/1223312

https://bugzilla.suse.com/1223988

https://bugzilla.suse.com/1224108

https://bugzilla.suse.com/1224209

https://bugzilla.suse.com/1225603

https://bugzilla.suse.com/1225619

https://bugzilla.suse.com/1225960

https://bugzilla.suse.com/1226090

https://bugzilla.suse.com/1226439

https://bugzilla.suse.com/1226461

https://bugzilla.suse.com/1226478

https://bugzilla.suse.com/1226687

https://bugzilla.suse.com/1226917

https://bugzilla.suse.com/1227133

https://bugzilla.suse.com/1227334

https://bugzilla.suse.com/1227406

https://bugzilla.suse.com/1227526

https://bugzilla.suse.com/1227543

https://bugzilla.suse.com/1227599

https://bugzilla.suse.com/1227606

https://bugzilla.suse.com/1227746

https://bugzilla.suse.com/1228036

https://bugzilla.suse.com/1228101

https://bugzilla.suse.com/1228130

https://bugzilla.suse.com/1228147

https://bugzilla.suse.com/1228286

https://bugzilla.suse.com/1228326

https://bugzilla.suse.com/1228345

https://bugzilla.suse.com/1228412

https://bugzilla.suse.com/1228545

https://bugzilla.suse.com/1228638

https://bugzilla.suse.com/1228851

https://bugzilla.suse.com/1228945

https://bugzilla.suse.com/1229079

https://bugzilla.suse.com/1229178

https://bugzilla.suse.com/1229260

https://bugzilla.suse.com/1229339

https://bugzilla.suse.com/1231852

https://bugzilla.suse.com/1231900

https://bugzilla.suse.com/1231922

http://www.nessus.org/u?6e8d8f1e

https://www.suse.com/security/cve/CVE-2024-49502

https://www.suse.com/security/cve/CVE-2024-49503

Plugin Details

Severity: Medium

ID: 212581

File Name: suse_SU-2024-4006-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 12/12/2024

Updated: 12/12/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2024-47533

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS v4

Risk Factor: Medium

Base Score: 4.6

Threat Score: 1

Threat Vector: CVSS:4.0/E:U

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2024-49503

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:spacewalk-proxy-salt, p-cpe:/a:novell:suse_linux:saltboot-formula, p-cpe:/a:novell:suse_linux:spacewalk-base-minimal-config, p-cpe:/a:novell:suse_linux:susemanager-sls, p-cpe:/a:novell:suse_linux:python3-spacewalk-certs-tools, p-cpe:/a:novell:suse_linux:spacewalk-base-minimal, p-cpe:/a:novell:suse_linux:spacewalk-utils-extras, p-cpe:/a:novell:suse_linux:spacewalk-config, p-cpe:/a:novell:suse_linux:spacewalk-backend-iss-export, p-cpe:/a:novell:suse_linux:spacewalk-java-postgresql, p-cpe:/a:novell:suse_linux:susemanager-schema-utility, p-cpe:/a:novell:suse_linux:python3-spacewalk-client-tools, p-cpe:/a:novell:suse_linux:spacewalk-html, p-cpe:/a:novell:suse_linux:spacewalk-java-config, p-cpe:/a:novell:suse_linux:spacewalk-certs-tools, p-cpe:/a:novell:suse_linux:spacewalk-proxy-common, p-cpe:/a:novell:suse_linux:spacecmd, p-cpe:/a:novell:suse_linux:spacewalk-backend-app, p-cpe:/a:novell:suse_linux:spacewalk-proxy-broker, p-cpe:/a:novell:suse_linux:spacewalk-proxy-management, p-cpe:/a:novell:suse_linux:inter-server-sync, p-cpe:/a:novell:suse_linux:susemanager-schema, p-cpe:/a:novell:suse_linux:mgr-daemon, p-cpe:/a:novell:suse_linux:cobbler, p-cpe:/a:novell:suse_linux:spacewalk-backend-tools, p-cpe:/a:novell:suse_linux:susemanager-docs_en, p-cpe:/a:novell:suse_linux:spacewalk-backend-config-files, p-cpe:/a:novell:suse_linux:spacewalk-proxy-package-manager, p-cpe:/a:novell:suse_linux:spacewalk-backend-xml-export-libs, p-cpe:/a:novell:suse_linux:spacewalk-proxy-redirect, p-cpe:/a:novell:suse_linux:grafana-formula, p-cpe:/a:novell:suse_linux:spacewalk-base, p-cpe:/a:novell:suse_linux:susemanager-build-keys, p-cpe:/a:novell:suse_linux:susemanager-tools, p-cpe:/a:novell:suse_linux:spacewalk-backend-iss, p-cpe:/a:novell:suse_linux:spacewalk-backend-applet, p-cpe:/a:novell:suse_linux:spacewalk-backend-server, p-cpe:/a:novell:suse_linux:susemanager-docs_en-pdf, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:uyuni-config-modules, p-cpe:/a:novell:suse_linux:spacewalk-backend-xmlrpc, p-cpe:/a:novell:suse_linux:spacewalk-client-setup, p-cpe:/a:novell:suse_linux:spacewalk-taskomatic, p-cpe:/a:novell:suse_linux:python3-spacewalk-client-setup, p-cpe:/a:novell:suse_linux:spacewalk-backend, p-cpe:/a:novell:suse_linux:python3-uyuni-common-libs, p-cpe:/a:novell:suse_linux:spacewalk-backend-config-files-common, p-cpe:/a:novell:suse_linux:spacewalk-client-tools, p-cpe:/a:novell:suse_linux:spacewalk-java, p-cpe:/a:novell:suse_linux:spacewalk-utils, p-cpe:/a:novell:suse_linux:susemanager-sync-data, p-cpe:/a:novell:suse_linux:uyuni-proxy-systemd-services, p-cpe:/a:novell:suse_linux:spacewalk-check, p-cpe:/a:novell:suse_linux:susemanager-build-keys-web, p-cpe:/a:novell:suse_linux:spacewalk-backend-config-files-tool, p-cpe:/a:novell:suse_linux:uyuni-reportdb-schema, p-cpe:/a:novell:suse_linux:spacewalk-backend-sql, p-cpe:/a:novell:suse_linux:python3-spacewalk-check, p-cpe:/a:novell:suse_linux:spacewalk-java-lib, p-cpe:/a:novell:suse_linux:susemanager, p-cpe:/a:novell:suse_linux:spacewalk-backend-package-push-server, p-cpe:/a:novell:suse_linux:spacewalk-backend-sql-postgresql

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 11/18/2024

Vulnerability Publication Date: 11/17/2024

Reference Information

CVE: CVE-2024-47533, CVE-2024-49502, CVE-2024-49503

SuSE: SUSE-SU-2024:4006-1