- Issued: 2016-04-04
- Updated: 2016-04-04
RHSA-2016:0590 - Security Advisory
Synopsis
Moderate: spacewalk-java security update
Type/Severity
Security Advisory: Moderate
Topic
An update for spacewalk-java is now available for Red Hat Satellite 5.7.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Description
Red Hat Satellite is a system management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and the remote management of multiple Linux deployments with a single, centralized tool.
Security Fix(es):
- A cross-site scripting (XSS) flaw was found in how XML data was handled in Red Hat Satellite. A user able to use the XMLRPC API could exploit this flaw to perform XSS attacks against other Satellite users. (CVE-2015-0284)
- Multiple cross-site scripting (XSS) flaws were found in the way certain form data was handled in Red Hat Satellite. A user able to enter form data could use these flaws to perform XSS attacks against other Satellite users. (CVE-2016-2103, CVE-2016-3079)
- Multiple cross-site scripting (XSS) flaws were found in the way HTTP GET parameter data was handled in Red Hat Satellite. A user able to provide malicious links to a Satellite user could use these flaws to perform XSS attacks against other Satellite users. (CVE-2016-2104)
Red Hat would like to thank Adam Willard (Raytheon Foreground Security) for reporting CVE-2016-2104. The CVE-2015-0284 and CVE-2016-3079 issues were discovered by Jan Hutař (Red Hat).
Solution
For details on how to apply this update, which includes the changes described in
this advisory, refer to:
Affected Products
- Red Hat Satellite 5.7 x86_64
- Red Hat Satellite 5.7 s390x
Fixes
- BZ - 1181152 - XSS when altering user details and going somewhere where you are choosing user
- BZ - 1181472 - CVE-2015-0284 Red Hat Satellite: stored XSS in user details fields (incomplete fix for CVE-2014-7811)
- BZ - 1305677 - CVE-2016-2104 Satellite 5: stored and reflected XSS vulnerabilities
- BZ - 1305681 - CVE-2016-2103 Satellite 5: multiple stored XSS vulnerabilities
- BZ - 1313515 - (CVE-2016-2104) Satellite 5: multiple XSS vulnerabilities
- BZ - 1313517 - (CVE-2016-2103) Satellite 5: multiple XSS vulnerabilities
- BZ - 1320444 - (CVE-2016-3079) XSS on pages for entitlements management
- BZ - 1320452 - (CVE-2016-3079) two XSS issues due to element creation in SSM (Perl stack) and displaying outside of it
- BZ - 1320940 - CVE-2016-3079 spacewalk-java: Multiple XSS issues in WebUI
Red Hat Satellite 5.7
SRPM | |
---|---|
spacewalk-java-2.3.8-134.el6sat.src.rpm | SHA-256: fce0773c22679baf2acb3cc0837191b1b333328ac533a52b76bf6d7f2f6add6d |
x86_64 | |
spacewalk-java-2.3.8-134.el6sat.noarch.rpm | SHA-256: 284168792bae913cfb1ff0db42d1ca94ae9ab0ce2c9f9627ef37bb8f8e14d96e |
spacewalk-java-config-2.3.8-134.el6sat.noarch.rpm | SHA-256: 41e8045858725b39a8c4fab63ce963e5d3194267824213b6a93485742a6d28b6 |
spacewalk-java-lib-2.3.8-134.el6sat.noarch.rpm | SHA-256: 78613b229d1c185565cd77930759815409ff5019c96bf97b3e999dc97703704b |
spacewalk-java-oracle-2.3.8-134.el6sat.noarch.rpm | SHA-256: d0f5ca7e363a92878207b7dbfc9490b2ca15224edbc7595fb9dea92cf95194f2 |
spacewalk-java-postgresql-2.3.8-134.el6sat.noarch.rpm | SHA-256: e62ad09b6cde3f8efc77ec247ef7e608dc6cd2887873ac48a8b84c9e4fa85b87 |
spacewalk-taskomatic-2.3.8-134.el6sat.noarch.rpm | SHA-256: eeee675d98a06d7489937672afb2da6f212ba55b753886b4d7d5458202009a08 |
s390x | |
spacewalk-java-2.3.8-134.el6sat.noarch.rpm | SHA-256: 284168792bae913cfb1ff0db42d1ca94ae9ab0ce2c9f9627ef37bb8f8e14d96e |
spacewalk-java-config-2.3.8-134.el6sat.noarch.rpm | SHA-256: 41e8045858725b39a8c4fab63ce963e5d3194267824213b6a93485742a6d28b6 |
spacewalk-java-lib-2.3.8-134.el6sat.noarch.rpm | SHA-256: 78613b229d1c185565cd77930759815409ff5019c96bf97b3e999dc97703704b |
spacewalk-java-oracle-2.3.8-134.el6sat.noarch.rpm | SHA-256: d0f5ca7e363a92878207b7dbfc9490b2ca15224edbc7595fb9dea92cf95194f2 |
spacewalk-java-postgresql-2.3.8-134.el6sat.noarch.rpm | SHA-256: e62ad09b6cde3f8efc77ec247ef7e608dc6cd2887873ac48a8b84c9e4fa85b87 |
spacewalk-taskomatic-2.3.8-134.el6sat.noarch.rpm | SHA-256: eeee675d98a06d7489937672afb2da6f212ba55b753886b4d7d5458202009a08 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.