CVE-2012-3503
Katello: Application.config.secret_token is not generated properly
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The installation script in Katello 1.0 and earlier does not properly generate the Application.config.secret_token value, which causes each default installation to have the same secret token, and allows remote attackers to authenticate to the CloudForms System Engine web interface as an arbitrary user by creating a cookie using the default secret_token.
El script de instalaciĆ³n en Katello 1.0 y anteriores no genera correctamente el valor Application.config.secret_token, lo que hace que cada instalaciĆ³n por defecto tenga el mismo testigo secreto, y permite a atacantes remotos autenticarse en el sistema de interfaz web CloudForms Engine como un usuario arbitrario creando una cookie mediante el secret_token por defecto.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-06-14 CVE Reserved
- 2012-08-21 CVE Published
- 2024-02-14 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/50344 | Broken Link | |
| http://www.securityfocus.com/bid/55140 | Broken Link | |
| https://github.com/Katello/katello/pull/499 | Issue Tracking |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/Katello/katello/commit/7c256fef9d75029d0ffff58ff1dcda915056d3a3 | 2024-02-13 |
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-1186.html | 2024-02-13 | |
| http://rhn.redhat.com/errata/RHSA-2012-1187.html | 2024-02-13 | |
| https://access.redhat.com/security/cve/CVE-2012-3503 | 2012-08-21 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=849210 | 2012-08-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Theforeman Search vendor "Theforeman" | Katello Search vendor "Theforeman" for product "Katello" | <= 1.0 Search vendor "Theforeman" for product "Katello" and version " <= 1.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "6.0" | - |
Affected
| ||||||