Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged
Permalink CVE-2024-4871
6.8 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 1 year, 3 months ago
Foreman: host ssh key not being checked in remote execution

A vulnerability was found in Satellite. When running a remote execution job on a host, the host's SSH key is not being checked. When the key changes, the Satellite still connects it because it uses "-o StrictHostKeyChecking=no". This flaw can lead to a man-in-the-middle attack (MITM), denial of service, leaking of secrets the remote execution job contains, or other issues that may arise from the attacker's ability to forge an SSH key. This issue does not directly allow unauthorized remote execution on the Satellite, although it can leak secrets that may lead to it.

References

Affected products

foreman
  • ==3.9.1.8
  • *
candlepin
  • *
satellite
  • *
python-pulpcore
  • *
rubygem-dynflow
  • *
rubygem-katello
  • *
foreman-installer
  • *
python-pulp-container
  • *
rubygem-foreman_ansible
  • *
rubygem-foreman_remote_execution
  • *
rubygem-smart_proxy_container_gateway
  • *
rubygem-smart_proxy_remote_execution_ssh
  • *

Matching in nixpkgs

pkgs.foreman

Process manager for applications with multiple components

pkgs.satellite

Program for showing navigation satellite data

Package maintainers