CVE-2012-3503
Katello uses hard coded credential
Severity: CRITICAL 9.8 | EPSS: 1.3%
Published: 5/17/2022 | Modified: 4/11/2024
Also known as: GHSA-5xv2-q475-rwrh
Description
The installation script in Katello 1.0 and earlier does not properly generate the `Application.config.secret_token` value, which causes each default installation to have the same secret token, and allows remote attackers to authenticate to the CloudForms System Engine web interface as an arbitrary user by creating a cookie using the default `secret_token`.
The `secret_token` is the key Rails uses to sign session cookies, so anyone who knows it can mint a session cookie the application accepts without ever logging in. When remediating an existing installation, check that the `secret_token` actually written to the instance's configuration was regenerated rather than relying on the package upgrade alone; rotating it invalidates all existing sessions, which is the intended effect.
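The forgery path the description refers to, as an added example that is not Katello's code: a simplified model of the Rails signed-cookie scheme (Base64 payload plus an HMAC-SHA1 over it under `secret_token`), a secret that is identical on every install beside the per-install random secret the fix pattern produces, and a check for a weak token. The cookie layout, the JSON payload in place of Rails' marshalled session, the session keys and the placeholder secret value are all assumptions.

```ruby
require 'openssl'
require 'securerandom'
require 'base64'
require 'json'

# Added example, not Katello's code. A simplified model of a Rails-3-era
# signed cookie: cookie = Base64(payload) + "--" + HMAC-SHA1(secret, payload).
# Rails marshals the session; JSON is used here so the example stays safe to run.
# The secret plays the role of the Application.config.secret_token in the advisory.

# Constant-time string comparison so the verifier itself does not leak the MAC.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Sign a session hash with the given secret_token.
def sign_cookie(secret, session)
  payload = Base64.strict_encode64(JSON.generate(session))
  "#{payload}--#{OpenSSL::HMAC.hexdigest('SHA1', secret, payload)}"
end

# Verify a cookie; returns the session hash, or nil if the MAC does not match
# or the payload is not decodable.
def verify_cookie(secret, cookie)
  payload, mac = cookie.to_s.split('--', 2)
  return nil if payload.nil? || mac.nil?
  expected = OpenSSL::HMAC.hexdigest('SHA1', secret, payload)
  return nil unless secure_compare(expected, mac)
  JSON.parse(Base64.strict_decode64(payload))
rescue ArgumentError, JSON::ParserError
  nil
end

# The weak pattern the advisory describes: every installation ends up with the
# same secret. The literal below is a constructed placeholder, not the value
# any real Katello installer wrote.
DEFAULT_SECRET = 'constructed-placeholder-secret-identical-on-every-install'

# The fix pattern: a fresh random secret generated once per installation.
def generate_secret_token
  SecureRandom.hex(64) # 64 random bytes, 128 hex characters
end

# What a remote attacker who knows the shared default can do: mint a cookie
# for any user id without authenticating. The session key is an assumption.
def forge_session_cookie(secret, user_id)
  sign_cookie(secret, { 'user_id' => user_id })
end

# Remediation check for an existing install: flag a secret_token that is the
# known default or too short to have come from a CSPRNG.
def weak_secret_token?(token)
  token.nil? || token == DEFAULT_SECRET || token.length < 64
end

if __FILE__ == $PROGRAM_NAME
  forged = forge_session_cookie(DEFAULT_SECRET, 1)
  puts "default secret accepts forged cookie: #{verify_cookie(DEFAULT_SECRET, forged).inspect}"
  puts "per-install secret rejects it:       #{verify_cookie(generate_secret_token, forged).inspect}"
end
```

Run it directly to see the forged cookie accepted under the shared secret and rejected under a freshly generated one; `weak_secret_token?` is the check to run against the value found in a deployed instance's configuration.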
Affected packages (1)
- RubyGems/katello: >= 0, < 1.0.6
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
References (10)
- ADVISORY: https://github.com/advisories/GHSA-5xv2-q475-rwrh
- ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2012-3503
- PATCH: https://github.com/Katello/katello
- WEB: http://rhn.redhat.com/errata/RHSA-2012-1186.html
- WEB: http://rhn.redhat.com/errata/RHSA-2012-1187.html
- WEB: https://github.com/Katello/katello/commit/7c256fef9d75029d0ffff58ff1dcda915056d3a3
- WEB: https://github.com/Katello/katello/pull/499
- WEB: https://github.com/rubysec/ruby-advisory-db/blob/master/gems/katello/CVE-2012-3503.yml
- WEB: https://web.archive.org/web/20140806122239/http://secunia.com/advisories/50344
- WEB: https://web.archive.org/web/20200229120740/http://www.securityfocus.com/bid/55140