Impact: Moderate Public Date: 2019-04-10 CWE: CWE-532 Bugzilla: 1693867: CVE-2019-3891 candlepin: credentials exposure through log files It was discovered that a world-readable log file belonging to Candlepin component of Red Hat Satellite 6.4 leaked the credentials of the Candlepin database. A malicious user with local access to a Satellite host can use those credentials to modify the database and prevent Satellite from fetching package updates, thus preventing all Satellite hosts from accessing those updates.
Find out more about CVE-2019-3891 from the MITRE CVE dictionary dictionary and NIST NVD.
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
| CVSS3 Base Score | 5.5 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity Impact | None |
| Availability Impact | None |
| Platform | Package | State |
|---|---|---|
| Red Hat Satellite 6 | candlepin | Affected |
Remove world readable permission from /var/log/candlepin/cpdb.log, by executing the following on the console of the machine where Red Hat Satellite is installed, as root:
chmod o-r /var/log/candlepin/cpdb.log
Vulmon