The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3172 advisory.

  - python-werkzeug: Cross-site scripting in render_full function in debug/tbtools.py (CVE-2016-10516)

  - python-jinja2: Sandbox escape due to information disclosure via str.format (CVE-2016-10745)

  - rubygem-rack: Buffer size in multipart parser allows for denial of service (CVE-2018-16470)

  - dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity     of XML documents (CVE-2018-1000632)

  - foreman: Recover of plaintext password or token for the compute resources (CVE-2019-3893)

  - foreman: authorization bypasses in foreman-tasks leading to information disclosure (CVE-2019-10198)

  - python-jinja2: str.format_map allows sandbox escape (CVE-2019-10906)

  - python-twisted: Improper neutralization of CRLF characters in URIs and HTTP methods (CVE-2019-12387)

  - katello: registry credentials are captured in plain text during repository discovery (CVE-2019-14825)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

RHEL 7 : Red Hat Satellite 6 (RHSA-2019:3172)

high Nessus Plugin ID 130187

Version 1.12

Version 1.11

Version 1.12 Apr 28, 2024, 3:17 AM CVE (set "CVE" coverage to "CVE-2016-10516,CVE-2016-10745,CVE-2018-16470,CVE-2018-1000632,CVE-2019-3893,CVE-2019-10198,CVE-2019-10906,CVE-2019-12387,CVE-2019-14825") CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N") CVSS metrics ("CVSSv3 score" set to 8.6) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N") CVSSv2 score source (changed from "CVE-2018-1000632" to "CVE-2019-10906") Detection (updated detection logic) Plugin metadata Reference Plugin Feed: 202404280317
Version 1.11 Apr 17, 2024, 3:38 PM Exploit attributes ("Exploit available" set to "True") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202404171538