CVE-2021-40348 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-40348 PUBLISHED CVSS 8.800000190734863 HIGH

Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.

EPSS 0.45% · 63.3th percentile

Risk Scores

CVSS v3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.45%

63.3th percentile

Affected Products

Vendor	Product	Versions
uyuni-project	uyuni	2021.08
n/a	n/a	n/a
spacewalk_project	spacewalk	2.10

Timeline

Nov 1, 2021 EPSS Score
Nov 1, 2021 CVE Published
Dec 26, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 16, 2022 EPSS Score
Jun 10, 2022 EPSS Score
Aug 5, 2022 EPSS Score
Sep 30, 2022 EPSS Score
Nov 24, 2022 EPSS Score
Jan 18, 2023 EPSS Score

References

Open in Interactive Console →