CVE-2022-0851 – convert2rhel: Activation key passed via command line by code
https://notcve.org/view.php?id=CVE-2022-0851
There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the activation key via the process command line via e.g. htop or ps. The specific impact varies upon the subscription, but generally this would allow an attacker to register systems purchased by the victim until discovered; a form of fraud. This could occur regardless of how the activation key is supplied to convert2rhel because it involves how convert2rhel provides it to subscription-manager. Se presenta un fallo en convert2rhel. • https://access.redhat.com/security/cve/CVE-2022-0851 https://bugzilla.redhat.com/show_bug.cgi?id=2060217 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVE-2022-1662
https://notcve.org/view.php?id=CVE-2022-1662
In convert2rhel, there's an ansible playbook named ansible/run-convert2rhel.yml which passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. This could allow unauthorized local users to view the password via the process list while convert2rhel is running. However, this ansible playbook is only an example in the upstream repository and it is not shipped in officially supported versions of convert2rhel. En convert2rhel, se presenta un ansible playbook llamado ansible/run-convert2rhel.yml que pasa la contraseña del usuario de Red Hat Subscription Manager por medio de la CLI a convert2rhel. Esto podría permitir a usuarios locales no autorizados visualizar la contraseña por medio de la lista de procesos mientras convert2rhel esta siendo ejecutando. • https://bugzilla.redhat.com/show_bug.cgi?id=2083851 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2022-0852 – convert2rhel: Red Hat account password passed via command line by code
https://notcve.org/view.php?id=CVE-2022-0852
There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the password via the process command line via e.g. htop or ps. The specific impact varies upon the privileges of the Red Hat account in question, but it could affect the integrity, availability, and/or data confidentiality of other systems that are administered by that account. This occurs regardless of how the password is supplied to convert2rhel. Se presentan un fallo en convert2rhel. convert2rhel pasa la contraseña de la cuenta de Red Hat a subscription-manager por medio de la línea de comandos, lo que podría permitir a usuarios no autorizados localmente en la máquina visualizar la contraseña por medio de la línea de comandos del proceso, por ejemplo, htop o ps. El impacto específico varía según los privilegios de la cuenta de Red Hat en cuestión, pero podría afectar la integridad, disponibilidad y/o confidencialidad de los datos de otros sistemas que son administrados por esa cuenta. • https://access.redhat.com/security/cve/CVE-2022-0852 https://bugzilla.redhat.com/show_bug.cgi?id=2060129 https://github.com/oamg/convert2rhel/commit/8d72fb030ed31116fdb256b327d299337b000af4 https://github.com/oamg/convert2rhel/pull/492 https://issues.redhat.com/browse/RHELC-432 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •