Lucene search
RedHatRHSA-2024:3843HistoryJun 11, 2024 - 6:28 p.m.
(RHSA-2024:3843) Moderate: cockpit security update
2024-06-1118:28:01
access.redhat.com
3
cockpit
web-based administration
cve-2024-2947
CVSS3
7.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
Low
EPSS
0
Percentile
16.3%
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more.
Security Fix(es):
- cockpit: command injection when deleting a sosreport with a crafted name (CVE-2024-2947)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 9 | x86_64 | cockpit | < 311.2-1.el9_4 | cockpit-311.2-1.el9_4.x86_64.rpm |
| RedHat | 9 | s390x | cockpit-ws | < 311.2-1.el9_4 | cockpit-ws-311.2-1.el9_4.s390x.rpm |
| RedHat | 9 | noarch | cockpit-storaged | < 311.2-1.el9_4 | cockpit-storaged-311.2-1.el9_4.noarch.rpm |
| RedHat | 9 | noarch | cockpit-doc | < 311.2-1.el9_4 | cockpit-doc-311.2-1.el9_4.noarch.rpm |
| RedHat | 9 | x86_64 | cockpit-debugsource | < 311.2-1.el9_4 | cockpit-debugsource-311.2-1.el9_4.x86_64.rpm |
| RedHat | 9 | ppc64le | cockpit-bridge | < 311.2-1.el9_4 | cockpit-bridge-311.2-1.el9_4.ppc64le.rpm |
| RedHat | 9 | s390x | cockpit-bridge | < 311.2-1.el9_4 | cockpit-bridge-311.2-1.el9_4.s390x.rpm |
| RedHat | 9 | aarch64 | cockpit-pcp | < 311.2-1.el9_4 | cockpit-pcp-311.2-1.el9_4.aarch64.rpm |
| RedHat | 9 | ppc64le | cockpit-ws | < 311.2-1.el9_4 | cockpit-ws-311.2-1.el9_4.ppc64le.rpm |
| RedHat | 9 | aarch64 | cockpit-ws | < 311.2-1.el9_4 | cockpit-ws-311.2-1.el9_4.aarch64.rpm |
Related
debiancve
debiancve
CVE-2024-2947
2024-03-28 19:15:48
ubuntucve
ubuntucve
CVE-2024-2947
2024-03-28 00:00:00
osv
osv
Moderate: cockpit security update
2024-06-14 13:59:16
cockpit - security update
2024-04-04 00:00:00
Moderate: cockpit security update
2024-06-06 00:00:00
almalinux
almalinux
Moderate: cockpit security update
2024-06-11 00:00:00
Moderate: cockpit security update
2024-06-06 00:00:00
rocky
rocky
cockpit security update
2024-06-14 13:59:16
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-6065341780)
2024-04-03 00:00:00
Fedora: Security Advisory for cockpit (FEDORA-2024-31e83b461d)
2024-05-27 00:00:00
Fedora: Security Advisory (FEDORA-2024-4e95f130fc)
2024-04-03 00:00:00
oraclelinux
oraclelinux
cockpit security update
2024-06-11 00:00:00
cockpit security update
2024-06-06 00:00:00
nessus
nessus
AlmaLinux 8 : cockpit (ALSA-2024:3667)
2024-06-06 00:00:00
RHEL 9 : cockpit (RHSA-2024:3843)
2024-06-12 00:00:00
Fedora 38 : cockpit (2024-31e83b461d)
2024-04-18 00:00:00
cve
cve
CVE-2024-2947
2024-03-28 19:15:48
fedora
fedora
[SECURITY] Fedora 39 Update: cockpit-314-1.fc39
2024-03-30 01:11:05
[SECURITY] Fedora 40 Update: cockpit-314-1.fc40
2024-03-31 00:20:39
[SECURITY] Fedora 38 Update: cockpit-311.2-1.fc38
2024-04-18 01:14:43
nvd
nvd
CVE-2024-2947
2024-03-28 19:15:48
vulnrichment
vulnrichment
debian
debian
[SECURITY] [DSA 5655-1] cockpit security update
2024-04-04 18:58:35
veracode
veracode
Command Injection
2024-04-04 10:52:12
redhat
redhat
(RHSA-2024:3667) Moderate: cockpit security update
2024-06-06 08:23:46
redhatcve
redhatcve
CVE-2024-2947
2024-03-27 13:51:46
cvelist
cvelist
CVSS3
7.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
Low
EPSS
0
Percentile
16.3%
Related for RHSA-2024:3843