CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38201 – Keylime: challenge-response protocol bypass during agent registration
https://notcve.org/view.php?id=CVE-2023-38201
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database. Se encontró una falla en el registrador de Keylime que podría permitir una omisión del protocolo de desafío-respuesta durante el registro del agente. Este problema puede permitir a un atacante suplantar a un agente y ocultar el verdadero estado de un equipo supervisado si un usuario legítimo agrega el agente falso a la lista de verificadores, lo que provoca una violación de la integridad de la base de datos del registrador. • https://access.redhat.com/errata/RHSA-2023:5080 https://access.redhat.com/security/cve/CVE-2023-38201 https://bugzilla.redhat.com/show_bug.cgi?id=2222693 https://github.com/keylime/keylime/commit/9e5ac9f25cd400b16d5969f531cee28290543f2a https://github.com/keylime/keylime/security/advisories/GHSA-f4r5-q63f-gcww https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-4065 – Operator: plaintext password in operator log
https://notcve.org/view.php?id=CVE-2023-4065
A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. This flaw allows an authenticated local attacker to access information outside of their permissions. Se encontró una falla en Red Hat AMQ Broker Operador, donde mostraba una contraseña definida en ActiveMQArtemisAddress CR, que se muestra en texto plano en el Registro del Operador. Esta falla permite que un atacante local autenticado acceda a información fuera de sus permisos. • https://access.redhat.com/errata/RHSA-2023:4720 https://access.redhat.com/security/cve/CVE-2023-4065 https://bugzilla.redhat.com/show_bug.cgi?id=2224630 • CWE-117: Improper Output Neutralization for Logs CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-4066 – Operator: passwords defined in secrets shown in statefulset yaml
https://notcve.org/view.php?id=CVE-2023-4066
A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker. Se encontró una falla en AMQ Broker de Red Hat, que almacena ciertas contraseñas en un módulo secreto de propiedades de seguridad definido en ActivemqArtemisSecurity CR; sin embargo, se muestran en texto plano en el yaml de detalles de StatefulSet de AMQ Broker. • https://access.redhat.com/errata/RHSA-2023:4720 https://access.redhat.com/security/cve/CVE-2023-4066 https://bugzilla.redhat.com/show_bug.cgi?id=2224677 • CWE-312: Cleartext Storage of Sensitive Information CWE-313: Cleartext Storage in a File or on Disk •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-4042 – Ghostscript: incomplete fix for cve-2020-16305
https://notcve.org/view.php?id=CVE-2023-4042
A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8. • https://access.redhat.com/errata/RHSA-2023:7053 https://access.redhat.com/security/cve/CVE-2023-4042 https://bugzilla.redhat.com/show_bug.cgi?id=1870257 https://bugzilla.redhat.com/show_bug.cgi?id=2228151 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 58EXPL: 0CVE-2023-3899 – Subscription-manager: inadequate authorization of com.redhat.rhsm1 d-bus interface allows local users to modify configuration
https://notcve.org/view.php?id=CVE-2023-3899
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arbitrary configuration directives for /etc/rhsm/rhsm.conf, which can be abused to cause a local privilege escalation to an unconfined root. • https://access.redhat.com/errata/RHSA-2023:4701 https://access.redhat.com/errata/RHSA-2023:4702 https://access.redhat.com/errata/RHSA-2023:4703 https://access.redhat.com/errata/RHSA-2023:4704 https://access.redhat.com/errata/RHSA-2023:4705 https://access.redhat.com/errata/RHSA-2023:4706 https://access.redhat.com/errata/RHSA-2023:4707 https://access.redhat.com/errata/RHSA-2023:4708 https://access.redhat.com/security/cve/CVE-2023-3899 https://bugzilla.redhat.com/show • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •