Unrated severityNVD Advisory· Published Nov 1, 2021· Updated Aug 4, 2024
CVE-2021-40348
CVE-2021-40348
Description
Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.
Affected products
29- Uyuni/Spacewalkdescription
- osv-coords28 versionspkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/hub-xmlrpc-api&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/inter-server-sync&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/patterns-suse-manager&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/py26-compat-salt&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/py26-compat-tornado&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/py27-compat-salt&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/release-notes-susemanager&distro=SUSE%20Manager%20Server%204.2pkg:rpm/suse/release-notes-susemanager-proxy&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/release-notes-susemanager-proxy&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.2pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-admin&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/spacewalk-admin&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-utils&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/subscription-matcher&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/supportutils-plugin-susemanager&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-doc-indexes&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-docs_en&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-schema&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-sls&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-sync-data&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/virtualization-formulas&distro=SUSE%20Manager%20Server%20Module%204.2
< 3.1.2-5.11.1+ 27 more
- (no CPE)range: < 3.1.2-5.11.1
- (no CPE)range: < 0.7-3.3.3
- (no CPE)range: < 0.0.5-8.6.3
- (no CPE)range: < 4.2-4.3.1
- (no CPE)range: < 2016.11.10-11.28.9.1
- (no CPE)range: < 4.2.1-3.3.1
- (no CPE)range: < 3000.3-7.7.11.1
- (no CPE)range: < 4.2.3-3.19.1
- (no CPE)range: < 4.2.3-3.15.1
- (no CPE)range: < 4.2.3-3.15.1
- (no CPE)range: < 4.2.13-4.9.1
- (no CPE)range: < 4.1.10-3.15.1
- (no CPE)range: < 4.2.9-3.6.2
- (no CPE)range: < 4.2.17-4.9.3
- (no CPE)range: < 4.2.13-3.9.2
- (no CPE)range: < 4.2.14-4.9.3
- (no CPE)range: < 4.2.30-3.14.4
- (no CPE)range: < 4.2.14-3.9.3
- (no CPE)range: < 4.2.23-3.9.3
- (no CPE)range: < 0.27-6.3.1
- (no CPE)range: < 4.2.3-3.3.2
- (no CPE)range: < 4.2.25-3.13.1
- (no CPE)range: < 4.2-12.11.3
- (no CPE)range: < 4.2-12.11.1
- (no CPE)range: < 4.2.18-3.9.3
- (no CPE)range: < 4.2.18-3.11.1
- (no CPE)range: < 4.2.9-3.9.1
- (no CPE)range: < 0.6.1-8.3.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.openwall.com/lists/oss-security/2021/10/28/4mitrex_refsource_MISC
- github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.