CVE-2012-3503

CWE-798 — Hard-coded Credentials6 documents6 sources

Severity

9.8CRITICAL

EPSS

1.3%

top 20.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Theforeman Katello Redhat Enterprise Linux Server

Timeline

PublishedAug 25

Latest updateMay 17

Description

The installation script in Katello 1.0 and earlier does not properly generate the Application.config.secret_token value, which causes each default installation to have the same secret token, and allows remote attackers to authenticate to the CloudForms System Engine web interface as an arbitrary user by creating a cookie using the default secret_token.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

▶RubyGemskatello1.1.0 — 1.1.7+1

▶NVDtheforeman/katello1.0

▶NVDredhat/enterprise_linux_server6.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

Katello uses hard coded credential↗2022-05-17

▶

GHSA

Katello uses hard coded credential↗2022-05-17

▶

CVEList

CVE-2012-3503: The installation script in Katello 1↗2012-08-25

▶

📋Vendor Advisories

Red Hat

Katello: Application.config.secret_token is not generated properly↗2012-08-21

▶

💬Community

Bugzilla

CVE-2012-3503 Katello: Application.config.secret_token is not generated properly↗2012-08-17

▶