CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-10863
https://notcve.org/view.php?id=CVE-2018-10863
It was discovered that redhat-certification 7 is not properly configured and it lists all files and directories in the /var/www/rhcert/store/transfer directory, through the /rhcert-transfer URL. An unauthorized attacker may use this flaw to gather sensible information. Se ha descubierto que redhat-certification 7 no está configurado correctamente y que lista todos los archivos y directorios del directorio /var/www/rhcert/store/transfer, a través de la URL /rhcert-transfer. Un atacante no autorizado puede utilizar este defecto para obtener información sensible • https://access.redhat.com/security/cve/CVE-2018-10863 https://bugzilla.redhat.com/show_bug.cgi?id=1594122 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2019-3897
https://notcve.org/view.php?id=CVE-2019-3897
It has been discovered in redhat-certification that any unauthorized user may download any file under /var/www/rhcert, provided they know its name. Red Hat Certification 6 and 7 is vulnerable to this issue. Se ha detectado en redhat-certification que cualquier usuario no autorizado puede descargar cualquier archivo en /var/www/rhcert, siempre que conozca su nombre. Red Hat Certification versiones 6 y 7 son vulnerables a este problema • https://bugzilla.redhat.com/show_bug.cgi?id=1593768 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2018-10864 – redhat-certification: resource consumption in DocumentBase:loadFiltered
https://notcve.org/view.php?id=CVE-2018-10864
An uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. A remote attacker may provide an existing but invalid XML file which would be opened and never closed, possibly producing a Denial of Service. Se ha descubierto un fallo de consumo no controlado de recursos en redhat-certification en la forma en la que se cargan los documentos. Un atacante remoto puede proporcionar un archivo XML existente pero no válido que se abriría y nunca se cerraría, produciendo posiblemente una denegación de servicio. • https://access.redhat.com/errata/RHSA-2018:2373 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10864 https://access.redhat.com/security/cve/CVE-2018-10864 https://bugzilla.redhat.com/show_bug.cgi?id=1593627 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-10869 – redhat-certification: /download allows to download any file
https://notcve.org/view.php?id=CVE-2018-10869
redhat-certification does not properly restrict files that can be download through the /download page. A remote attacker may download any file accessible by the user running httpd. redhat-certification no restringe correctamente los archivos que pueden descargarse mediante la página /download. Un atacante remoto podría descargar cualquier archivo accesible por el usuario que ejecuta httpd. It was discovered that redhat-certification does not properly restrict files that can be download through the /download page. A remote attacker may download any file accessible by the user running httpd. • http://www.securityfocus.com/bid/105061 https://access.redhat.com/errata/RHSA-2018:2373 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10869 https://access.redhat.com/security/cve/CVE-2018-10869 https://bugzilla.redhat.com/show_bug.cgi?id=1593780 • CWE-552: Files or Directories Accessible to External Parties CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2018-10870 – redhat-certification: rhcertStore.py: __saveResultsFile allows to write any file
https://notcve.org/view.php?id=CVE-2018-10870
redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. A remote attacker could use this flaw to overwrite any file, potentially gaining remote code execution. redhat-certification no sanea correctamente las rutas en rhcertStore.py:__saveResultsFile. Un atacante remoto podría emplear este error para sobrescribir cualquier archivo, pudiendo ejecutar código remotamente. It has been discovered that redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. A remote attacker could use this flaw to overwrite any file, potentially gaining remote code execution. • http://www.securityfocus.com/bid/104857 https://access.redhat.com/errata/RHSA-2018:2373 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10870 https://access.redhat.com/security/cve/CVE-2018-10870 https://bugzilla.redhat.com/show_bug.cgi?id=1593803 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •