Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2019-3045.NASLHistoryOct 15, 2019 - 12:00 a.m.
RHEL 7 : Red Hat Single Sign-On 7.3.4 (RHSA-2019:3045)
2019-10-1500:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
8.8 High
AI Score
Confidence
Low
New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.4 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es) :
-
keycloak: cross-realm user access auth bypass (CVE-2019-14832)
-
keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)
-
jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)
-
jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)
-
jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)
-
undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2019:3045. The text
# itself is copyright (C) Red Hat, Inc.
#
include('compat.inc');
if (description)
{
script_id(129864);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/18");
script_cve_id(
"CVE-2019-10184",
"CVE-2019-12086",
"CVE-2019-12814",
"CVE-2019-14379",
"CVE-2019-14820",
"CVE-2019-14832"
);
script_xref(name:"RHSA", value:"2019:3045");
script_name(english:"RHEL 7 : Red Hat Single Sign-On 7.3.4 (RHSA-2019:3045)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"New Red Hat Single Sign-On 7.3.4 packages are now available for Red
Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.
Red Hat Single Sign-On 7.3 is a standalone server, based on the
Keycloak project, that provides authentication and standards-based
single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.4 on RHEL 7 serves as a
replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes
and enhancements, which are documented in the Release Notes document
linked to in the References.
Security Fix(es) :
* keycloak: cross-realm user access auth bypass (CVE-2019-14832)
* keycloak: adapter endpoints are exposed via arbitrary URLs
(CVE-2019-14820)
* jackson-databind: polymorphic typing issue allows attacker to read
arbitrary local files on the server via crafted JSON message
(CVE-2019-12814)
* jackson-databind: default typing mishandling leading to remote code
execution (CVE-2019-14379)
* jackson-databind: polymorphic typing issue allows attacker to read
arbitrary local files on the server (CVE-2019-12086)
* undertow: Information leak in requests for directories without
trailing slashes (CVE-2019-10184)
For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.");
# https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?93d4a9a3");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:3045");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-10184");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-12086");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-12814");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14379");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14820");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14832");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-14379");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/17");
script_set_attribute(attribute:"patch_publication_date", value:"2019/10/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/15");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-sso7-libunix-dbus-java");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-sso7-libunix-dbus-java-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-sso7-libunix-dbus-java-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2019:3045";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL7", reference:"rh-sso7-keycloak-4.8.13-1.Final_redhat_00001.1.el7sso")) flag++;
if (rpm_check(release:"RHEL7", reference:"rh-sso7-keycloak-server-4.8.13-1.Final_redhat_00001.1.el7sso")) flag++;
if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-sso7-libunix-dbus-java-0.8.0-2.el7sso")) flag++;
if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-sso7-libunix-dbus-java-debuginfo-0.8.0-2.el7sso")) flag++;
if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-sso7-libunix-dbus-java-devel-0.8.0-2.el7sso")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rh-sso7-keycloak / rh-sso7-keycloak-server / etc");
}
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | rh-sso7-keycloak | p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak |
| redhat | enterprise_linux | rh-sso7-keycloak-server | p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server |
| redhat | enterprise_linux | rh-sso7-libunix-dbus-java | p-cpe:/a:redhat:enterprise_linux:rh-sso7-libunix-dbus-java |
| redhat | enterprise_linux | rh-sso7-libunix-dbus-java-debuginfo | p-cpe:/a:redhat:enterprise_linux:rh-sso7-libunix-dbus-java-debuginfo |
| redhat | enterprise_linux | rh-sso7-libunix-dbus-java-devel | p-cpe:/a:redhat:enterprise_linux:rh-sso7-libunix-dbus-java-devel |
| redhat | enterprise_linux | 7 | cpe:/o:redhat:enterprise_linux:7 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10184
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14820
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14832
www.nessus.org/u?93d4a9a3
access.redhat.com/errata/RHSA-2019:3045
access.redhat.com/security/cve/cve-2019-10184
access.redhat.com/security/cve/cve-2019-12086
access.redhat.com/security/cve/cve-2019-12814
access.redhat.com/security/cve/cve-2019-14379
access.redhat.com/security/cve/cve-2019-14820
access.redhat.com/security/cve/cve-2019-14832
Related
nessus
nessus
RHEL 8 : Red Hat Single Sign-On 7.3.4 (RHSA-2019:3046)
2019-10-15 00:00:00
RHEL 6 : Red Hat Single Sign-On 7.3.4 (RHSA-2019:3044)
2019-10-15 00:00:00
RHEL 7 : JBoss EAP (RHSA-2019:2936)
2019-10-02 00:00:00
redhat
redhat
ibm
ibm
fedora
fedora
[SECURITY] Fedora 31 Update: jackson-bom-2.9.9-1.fc31
2019-09-18 00:07:22
[SECURITY] Fedora 31 Update: jackson-core-2.9.9-1.fc31
2019-09-18 00:07:22
[SECURITY] Fedora 30 Update: jackson-databind-2.9.9.3-1.fc30
2019-09-22 02:26:43
openvas
openvas
Fedora Update for jackson-core FEDORA-2019-fb23eccc03
2019-09-23 00:00:00
Fedora Update for jackson-annotations FEDORA-2019-99ff6aa32c
2020-01-09 00:00:00
Fedora Update for jackson-databind FEDORA-2019-99ff6aa32c
2020-01-09 00:00:00
rocky
rocky
pki-core:10.6 and pki-deps:10:6 bug fix and enhancement update
2019-11-05 17:43:24
veracode
veracode
Authentication Bypass
2019-10-15 00:23:04
Information Disclosure
2019-10-15 00:23:04
Information Disclosure
2019-07-26 07:06:02
prion
prion
Design/Logic Flaw
2019-10-15 19:15:00
Memory corruption
2019-07-25 21:15:00
Information disclosure
2020-01-08 15:15:00
cve
cve
osv
osv
Keycloak Unauthenticated Access
2022-05-24 16:58:47
Exposure of Sensitive Information to an Unauthorized Actor in Keycloak
2020-04-15 21:08:21
CVE-2019-14832
2019-10-15 19:15:11
redhatcve
redhatcve
github
github
Keycloak Unauthenticated Access
2022-05-24 16:58:47
Exposure of Sensitive Information to an Unauthorized Actor in Keycloak
2020-04-15 21:08:21
ubuntucve
ubuntucve
debiancve
debiancve
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Fasterxml Jackson-Databind
2020-05-22 17:10:10
Exploit for Deserialization of Untrusted Data in Fasterxml Jackson-Databind
2019-05-26 03:19:49
freebsd
freebsd
Payara -- A Polymorphic Typing issue in FasterXML jackson-databind
2019-05-17 00:00:00
symantec
symantec
debian
debian
[SECURITY] [DLA 1798-1] jackson-databind security update
2019-05-21 12:59:15
[SECURITY] [DLA 1831-1] jackson-databind security update
2019-06-21 15:09:36
[SECURITY] [DLA 1879-1] jackson-databind security update
2019-08-12 22:19:38
cloudfoundry
cloudfoundry
mageia
mageia
Updated jackson-databind packages fix security vulnerabilities
2021-03-27 17:27:02
apple
apple
About the security content of Xcode 13.3
2022-03-14 00:00:00
ubuntu
ubuntu
Jackson Databind vulnerabilities
2021-03-15 00:00:00
hp
hp
HP Device Manager Security Updates
2023-10-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2019
2020-01-22 00:00:00
Oracle Critical Patch Update Advisory - January 2020
2020-01-14 00:00:00