CVE-2023-0118 - Vulnerability Details

An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00035.

Exploitation none

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

affected —

Red Hat

Red Hat Satellite 6.11 for RHEL 7

affected

Version	Status	Constraints
`0:3.1.1.27-1.el7sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.11 for RHEL 7

affected

Version	Status	Constraints
`0:3.1.1.27-1.el7sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.11 for RHEL 8

affected

Version	Status	Constraints
`0:3.1.1.27-1.el8sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.11 for RHEL 8

affected

Version	Status	Constraints
`0:3.1.1.27-1.el8sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.12 for RHEL 8

affected

Version	Status	Constraints
`0:1.3.8-1.el8sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.13 for RHEL 8

affected

Version	Status	Constraints
`0:1.3.8-1.el8sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.14 for RHEL 8

affected

Version	Status	Constraints
`0:3.7.0.9-1.el8sat`	unaffected	< *

Red Hat

Red Hat Satellite 6.14 for RHEL 8

affected

Version	Status	Constraints
`0:3.7.0.9-1.el8sat`	unaffected	< *

Configuration 1 [-]

cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Satellite 6.11 for RHEL 7
foreman-0:3.1.1.27-1.el7sat	cpe:/a:redhat:satellite:6.11::el7	RHSA-2023:5980	2023-10-20T00:00:00Z
foreman-0:3.1.1.27-1.el7sat	cpe:/a:redhat:satellite_capsule:6.11::el7	RHSA-2023:5980	2023-10-20T00:00:00Z
foreman-0:3.1.1.27-1.el7sat	cpe:/a:redhat:satellite_utils:6.11::el7	RHSA-2023:5980	2023-10-20T00:00:00Z
Red Hat Satellite 6.11 for RHEL 8
foreman-0:3.1.1.27-1.el8sat	cpe:/a:redhat:satellite:6.11::el8	RHSA-2023:5980	2023-10-20T00:00:00Z
foreman-0:3.1.1.27-1.el8sat	cpe:/a:redhat:satellite_capsule:6.11::el8	RHSA-2023:5980	2023-10-20T00:00:00Z
foreman-0:3.1.1.27-1.el8sat	cpe:/a:redhat:satellite_utils:6.11::el8	RHSA-2023:5980	2023-10-20T00:00:00Z
Red Hat Satellite 6.12 for RHEL 8
rubygem-safemode-0:1.3.8-1.el8sat	cpe:/a:redhat:satellite:6.12::el8	RHSA-2023:5979	2023-10-20T00:00:00Z
Red Hat Satellite 6.13 for RHEL 8
rubygem-safemode-0:1.3.8-1.el8sat	cpe:/a:redhat:satellite:6.13::el8	RHSA-2023:4466	2023-08-03T00:00:00Z
Red Hat Satellite 6.14 for RHEL 8
foreman-0:3.7.0.9-1.el8sat	cpe:/a:redhat:satellite:6.14::el8	RHSA-2023:6818	2023-11-08T00:00:00Z
foreman-0:3.7.0.9-1.el8sat	cpe:/a:redhat:satellite_capsule:6.14::el8	RHSA-2023:6818	2023-11-08T00:00:00Z
foreman-0:3.7.0.9-1.el8sat	cpe:/a:redhat:satellite_utils:6.14::el8	RHSA-2023:6818	2023-11-08T00:00:00Z

No data.

Project Subscriptions

Vendors	Products
Redhat Subscribe	Enterprise Linux Subscribe Satellite Subscribe Satellite Capsule Subscribe Satellite Maintenance Subscribe Satellite Utils Subscribe
Theforeman Subscribe	Foreman Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2023-12208	An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://access.redhat.com/errata/RHSA-2023:4466
https://access.redhat.com/errata/RHSA-2023:5979
https://access.redhat.com/errata/RHSA-2023:5980
https://access.redhat.com/errata/RHSA-2023:6818
https://access.redhat.com/security/cve/CVE-2023-0118
https://bugzilla.redhat.com/show_bug.cgi?id=2159291
https://nvd.nist.gov/vuln/detail/CVE-2023-0118
https://www.cve.org/CVERecord?id=CVE-2023-0118

History

Wed, 18 Sep 2024 08:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-09-20T13:39:27.756Z

Updated: 2024-09-17T13:51:28.373Z

Reserved: 2023-01-09T13:21:05.016Z

Link: CVE-2023-0118

Vulnrichment

Updated: 2024-08-02T05:02:43.821Z

NVD

Status : Modified

Published: 2023-09-20T14:15:12.827

Modified: 2024-11-21T07:36:35.247

Link: CVE-2023-0118

Redhat

Severity : Important

Publid Date: 2023-03-12T00:00:00Z

Links: CVE-2023-0118 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-78

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object