The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4366 advisory.

  - mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018) (CVE-2018-3258)

  - puppet-agent: Puppet Agent does not properly verify SSL connection when downloading a CRL (CVE-2018-11751)

  - rack-protection: Timing attack in authenticity_token.rb (CVE-2018-1000119)

  - hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)

  - Django: Incorrect HTTP detection with reverse-proxy connecting via HTTPS (CVE-2019-12781)

  - rubygem-rack: hijack sessions by using timing attacks targeting the session id (CVE-2019-16782)

  - rubygem-secure_headers: limited header injection when using dynamic overrides with user input     (CVE-2020-5216)

  - rubygem-secure_headers: directive injection when using dynamic overrides with user input (CVE-2020-5217)

  - rubygem-actionview: views that use the `j` or `escape_javascript` methods are susceptible to XSS attacks     (CVE-2020-5267)

  - netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)

  - rubygem-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7663)

  - puppet: Arbitrary catalog retrieval (CVE-2020-7942)

  - puppet: puppet server and puppetDB may leak sensitive information via metrics API (CVE-2020-7943)

  - rubygem-rack: directory traversal in Rack::Directory (CVE-2020-8161)

  - rubygem-rack: percent-encoded cookies can be used to overwrite existing prefixed cookie names     (CVE-2020-8184)

  - jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)

  - jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)

  - jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)

  - jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)

  - hibernate-validator: Improper input validation in the interpolation of constraint error messages     (CVE-2020-10693)

  - jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968)

  - jackson-databind: Serialization gadgets in javax.swing.JEditorPane (CVE-2020-10969)

  - jackson-databind: Serialization gadgets in org.springframework:spring-aop (CVE-2020-11619)

  - jackson-databind: serialization in weblogic/oracle-aqjms (CVE-2020-14061)

  - jackson-databind: serialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool     (CVE-2020-14062)

  - jackson-databind: serialization in org.jsecurity.realm.jndi.JndiRealmFactory (CVE-2020-14195)

  - foreman: unauthorized cache read on RPM-based installations through local user (CVE-2020-14334)

  - Satellite: Local user impersonation by Single sign-on (SSO) user leads to account takeover     (CVE-2020-14380)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

RHEL 7 : Satellite 6.8 (Important) (RHSA-2020:4366)

critical Nessus Plugin ID 142452

Version 1.11

Version 1.10

Version 1.9

Version 1.8

Version 1.11 Apr 28, 2024, 2:25 PM CVE (set "CVE" coverage to "CVE-2018-1000119,CVE-2018-3258,CVE-2019-10219,CVE-2018-11751,CVE-2019-12781,CVE-2019-16782,CVE-2020-5216,CVE-2020-5217,CVE-2020-5267,CVE-2020-7238,CVE-2020-7663,CVE-2020-7942,CVE-2020-7943,CVE-2020-8161,CVE-2020-8184,CVE-2020-8840,CVE-2020-9546,CVE-2020-9547,CVE-2020-9548,CVE-2020-10693,CVE-2020-10968,CVE-2020-10969,CVE-2020-11619,CVE-2020-14061,CVE-2020-14062,CVE-2020-14195,CVE-2020-14334,CVE-2020-14380") Detection (updated detection logic) Plugin metadata Reference Plugin Feed: 202404281425
Version 1.10 Feb 9, 2024, 3:00 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") CVSSv3 score source (set to "CVE-2020-9548") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202402091500
Version 1.9 Jan 23, 2023, 7:12 PM Logic Changes (Added support for repository relative URLs) Plugin Feed: 202301231912
Version 1.8 Dec 6, 2022, 6:53 AM Reference Plugin Feed: 202212060653