Detections
Analytics
RHEL 8 : OpenShift Container Platform 4.9.56 (RHSA-2023:0777)
critical Nessus Plugin ID 193747
Language:
Synopsis
The remote Red Hat host is missing one or more security updates for OpenShift Container Platform 4.9.56.Description
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0777 advisory.- google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization (CVE-2020-7692)
- SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
- http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)
- snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
- Jenkins plugin: CSRF vulnerability in Script Security Plugin (CVE-2022-30946)
- Jenkins plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin (CVE-2022-30952)
- Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)
- Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)
- jenkins: Observable timing discrepancy allows determining username validity (CVE-2022-34174)
- jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git (CVE-2022-36882)
- jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36883, CVE-2022-36884)
- jenkins plugin: Non-constant time webhook signature comparison in GitHub Plugin (CVE-2022-36885)
- jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43401, CVE-2022-43403, CVE-2022-43404)
- jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)
- jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin (CVE-2022-43405)
- jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)
- jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)
- jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)
- jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin (CVE-2022-43409)
- mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
- jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions (CVE-2022-45379)
- jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2022-45380)
- jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin (CVE-2022-45381)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL OpenShift Container Platform 4.9.56 package based on the guidance in RHSA-2023:0777.See Also
https://bugzilla.redhat.com/show_bug.cgi?id=2119656
https://bugzilla.redhat.com/show_bug.cgi?id=2119657
https://bugzilla.redhat.com/show_bug.cgi?id=2119658
https://bugzilla.redhat.com/show_bug.cgi?id=2126789
https://bugzilla.redhat.com/show_bug.cgi?id=2136370
https://bugzilla.redhat.com/show_bug.cgi?id=2136374
https://bugzilla.redhat.com/show_bug.cgi?id=2136379
https://bugzilla.redhat.com/show_bug.cgi?id=2136381
https://bugzilla.redhat.com/show_bug.cgi?id=2136382
https://bugzilla.redhat.com/show_bug.cgi?id=2136383
https://bugzilla.redhat.com/show_bug.cgi?id=2136386
https://bugzilla.redhat.com/show_bug.cgi?id=2136388
https://bugzilla.redhat.com/show_bug.cgi?id=2136391
https://bugzilla.redhat.com/show_bug.cgi?id=2143086
https://bugzilla.redhat.com/show_bug.cgi?id=2143089
https://bugzilla.redhat.com/show_bug.cgi?id=2143090
https://bugzilla.redhat.com/show_bug.cgi?id=2145194
https://bugzilla.redhat.com/show_bug.cgi?id=2150009
http://www.nessus.org/u?ce84c798
https://access.redhat.com/errata/RHSA-2023:0777
https://access.redhat.com/security/updates/classification/#critical
http://www.nessus.org/u?fc25b68c
https://bugzilla.redhat.com/show_bug.cgi?id=1856376
https://bugzilla.redhat.com/show_bug.cgi?id=2116840
https://bugzilla.redhat.com/show_bug.cgi?id=2116952
https://bugzilla.redhat.com/show_bug.cgi?id=2119643
https://bugzilla.redhat.com/show_bug.cgi?id=2119645
https://bugzilla.redhat.com/show_bug.cgi?id=2119646
Plugin Details
Severity: Critical
ID: 193747
File Name: redhat-RHSA-2023-0777.nasl
Version: 1.0
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 4/23/2024
Updated: 4/23/2024
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 6.4
Temporal Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS Score Source: CVE-2020-7692
CVSS v3
Risk Factor: Critical
Base Score: 9.9
Temporal Score: 8.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2022-43406
Vulnerability Information
CPE: cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:redhat:enterprise_linux:jenkins, p-cpe:/a:redhat:enterprise_linux:jenkins-2-plugins
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 2/23/2023
Vulnerability Publication Date: 7/9/2020
Reference Information
CVE: CVE-2020-7692, CVE-2022-1471, CVE-2022-2048, CVE-2022-25857, CVE-2022-30946, CVE-2022-30952, CVE-2022-30953, CVE-2022-30954, CVE-2022-34174, CVE-2022-36882, CVE-2022-36883, CVE-2022-36884, CVE-2022-36885, CVE-2022-43401, CVE-2022-43402, CVE-2022-43403, CVE-2022-43404, CVE-2022-43405, CVE-2022-43406, CVE-2022-43407, CVE-2022-43408, CVE-2022-43409, CVE-2022-45047, CVE-2022-45379, CVE-2022-45380, CVE-2022-45381