CVE-2024-7012
published 2024-09-04


Priority: P265
Severity: critical, 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.77% (51.0th percentile)
An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) and could potentially enable unauthorized users to gain administrative access.

Affected

3 ranges (version range and fixed-in version were not captured for any of them)

Vendor | Product   | Version range | Fixed in
redhat | satellite |               |
redhat | satellite |               |
redhat | satellite |               |

Detection & IOCs (extracted from sources)

  • Authentication bypass is achieved by sending a malformed HTTP header whose name contains underscores: Apache mod_proxy fails to unset such a header, so it is forwarded to Foreman, where it satisfies the External Authentication check.
  • Monitor for unexpected administrative access or privilege escalation in Foreman/Satellite deployments (versions 6.13, 6.14 and 6.15) that use External Authentication, since an unauthenticated user may obtain admin access through this bypass.
  • Only Foreman deployments configured with External Authentication via the puppet-foreman configuration are affected. Deployments that do not use External Authentication are not impacted.
  • No mitigation is currently available that meets Red Hat Product Security criteria; patching is the recommended remediation path.
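The bullets above describe the mechanism without showing it. The following is an added model of that header-normalization gap, not code from Foreman, puppet-foreman or this page. It assumes two things that are stated as assumptions rather than taken from the advisory: that the proxy strips headers by exact (case-insensitive) name, the way an `RequestHeader unset NAME` rule does, and that the backend maps every incoming header to a CGI-style key by upper-casing it and turning `-` into `_`, so that `Remote-User` and `Remote_User` both land on `HTTP_REMOTE_USER`. The header names in `PROXY_UNSET` are illustrative, not the real template's list.

```python
"""Model of a proxy deny list defeated by header-name normalization.

Constructed example for CVE-2024-7012's bug class; not Foreman code.
Assumptions (see lead-in): exact-name stripping at the proxy, and
CGI/Rack-style key normalization at the backend.
"""
from typing import Callable, Dict, Iterable, Optional

# Header names the proxy is configured to unset before forwarding.
# Assumed, illustrative list; the real puppet-foreman template is not
# reproduced here.
PROXY_UNSET = ["Remote-User", "Remote-User-Email"]


def to_env_key(header_name: str) -> str:
    """Backend normalization: CGI/Rack style, so '-' and '_' collide."""
    return "HTTP_" + header_name.upper().replace("-", "_")


def strip_exact(headers: Dict[str, str], unset: Iterable[str]) -> Dict[str, str]:
    """Proxy filter that matches names exactly (case-insensitively).

    This models `RequestHeader unset NAME`: a different spelling of the
    same logical header is not recognised and is forwarded untouched.
    """
    blocked = {n.lower() for n in unset}
    return {k: v for k, v in headers.items() if k.lower() not in blocked}


def strip_normalized(headers: Dict[str, str], unset: Iterable[str]) -> Dict[str, str]:
    """Hardened proxy filter: compare on the key the backend will see.

    Every client spelling that collides with a trusted header after
    normalization is dropped, closing the underscore/hyphen gap.
    """
    blocked = {to_env_key(n) for n in unset}
    return {k: v for k, v in headers.items() if to_env_key(k) not in blocked}


def backend_user(headers: Dict[str, str]) -> Optional[str]:
    """Model of an external-auth backend that trusts HTTP_REMOTE_USER.

    Returns the user the backend would consider authenticated, or None.
    """
    env = {to_env_key(k): v for k, v in headers.items()}
    return env.get("HTTP_REMOTE_USER")


def authenticated_user(strip: Callable[..., Dict[str, str]],
                       client_headers: Dict[str, str]) -> Optional[str]:
    """Run one client request through the proxy filter, then the backend."""
    return backend_user(strip(client_headers, PROXY_UNSET))


# Constructed attacker requests: the same payload in three spellings.
ATTEMPTS = {
    "hyphen": {"Remote-User": "admin"},
    "underscore": {"Remote_User": "admin"},
    "upper-underscore": {"REMOTE_USER": "admin"},
}


def bypass_matrix(strip: Callable[..., Dict[str, str]]) -> Dict[str, Optional[str]]:
    """Which spellings reach the backend as an authenticated user?"""
    return {name: authenticated_user(strip, hdrs) for name, hdrs in ATTEMPTS.items()}


if __name__ == "__main__":
    for label, fn in (("exact unset", strip_exact),
                      ("normalized unset", strip_normalized)):
        print(label, bypass_matrix(fn))
```

With the exact-name filter, only the `Remote-User` spelling is stripped; `Remote_User` and `REMOTE_USER` are forwarded and the backend accepts `admin`. The normalized filter drops all three. In a real deployment the hardened rule only helps if it runs before the proxy sets the genuine authenticated identity header, and the practical check is the same as the model: send each spelling with curl against a test instance and confirm none of them yields a session.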

CVSS provenance

NVD (v3.1): 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vendor (Red Hat): 9.8 CRITICAL