検出

プラグイン

RHEL 7：Satellite Server（RHSA-2018:2927）

critical Nessus プラグイン ID 118185

Language:

概要

リモートのRed Hatホストに1つ以上のセキュリティ更新プログラムがありません。

説明

RHEL 7用のRed Hat Satellite 6.4の更新プログラムが利用可能になりました。Red Hat製品セキュリティは、この更新がセキュリティに及ぼす影響を重要度高と評価しています。詳細な重要度評価を示すCVSS（共通脆弱性評価システム）ベーススコアは、「参照」セクションのCVEリンクから脆弱性ごとに入手できます。Red Hat Satelliteは、Linuxベースのインフラストラクチャ用のシステム管理ツールです。単一の集中型ツールで、多数のLinuxデプロイメントのプロビジョニング、リモート管理および監視を行うことができます。セキュリティ修正プログラム：* jackson-databind：不完全なブラックリストによる安全でない逆シリアル化（CVE-2017-7525の不完全な修正）（CVE-2017-15095）* hornetq：XPathセレクタにおけるXXE/SSRF（CVE-2015-3208）* bouncycastle：GCMBlockCipherの情報漏えい（CVE-2015-6644）* bouncycastle：署名の検証中にDSAがASN.1エンコーディングを完全に検証しないため、署名されていないデータが挿入される可能性があります。（CVE-2016-1000338）* bouncycastle：AESFastEngineクラスの情報漏えい（CVE-2016-1000339）* bouncycastle：タイミング攻撃を介したDSA署名生成の情報漏えい（CVE-2016-1000341）* bouncycastle：ECDSAによる署名のASN.1エンコーディングの不適切な検証（CVE-2016-1000342）* bouncycastle：DHIES実装によりECBモードが使用される可能性があります。（CVE-2016-1000344）* bouncycastle：DHIES/ECIES CBCモードは、パディングオラクル攻撃に対して脆弱です。（CVE-2016-1000345）* bouncycastle：他者のDH公開鍵が不完全に検証されています。（CVE-2016-1000346）* bouncycastle：ECIES実装によりECBモードが使用される可能性があります。（CVE-2016-1000352）* logback：SocketServerとServerSocketReceiverのシリアル化の脆弱性（CVE-2017-5929）* python-django：ユーザーが提供した数字からなるリダイレクトURLを介したオープンリダイレクトとXSS攻撃の可能性（CVE-2017-7233）* hibernate-validator：セキュリティマネージャーで実行しているときの権限昇格（CVE-2017-7536）* puppet：puppet-agentにおける環境の漏えい（CVE-2017-10690）* Satellite 6：ディスカバリールールフィルターの自動補完機能のXSS（CVE-2017-12175）* foreman：Factの名前または値におけるStored型XSS（CVE-2017-15100）* pulp：APIを使用した秘密資格情報の漏えい（CVE-2018-1090）* foreman：ウィジェットIDのパラメーターの不適切な処理によるSQLインジェクション（CVE-2018-1096）* foreman：Foreman APIによって漏えいされたOvirt管理者パスワード（CVE-2018-1097）* django：「urlize」と「urlizetrunc」を使用した正規表現の致命的なバックトラック（CVE-2018-7536）* django：「truncatechars_html」と「truncatewords_html」を使用した正規表現の致命的なバックトラック（CVE-2018-7537）* guava：AtomicDoubleArrayとCompoundOrderingクラスの無制限メモリ割り当てにより、リモートの攻撃者がサービス拒否を引き起こす可能性があります（CVE-2018-10237）* bouncycastle：math.raw.Nat???クラスのキャリープロパゲーションバグ（CVE-2016-1000340）* bouncycastle：DSA鍵ペアのジェネレーターがデフォルトで脆弱な秘密鍵を生成します。（CVE-2016-1000343）* puppet：tar/mini.rbのターボール開封により、安全でないアクセス許可でファイルが作成される可能性があります。（CVE-2017-10689）* bouncycastle：簡単なハッシュ衝突に対して脆弱なBKS-V1キーストアファイル（CVE-2018-5382）影響、CVSSスコア、その他の関連情報を含むセキュリティの問題の詳細については、「参照」セクションに記載されているCVEのページを参照してください。Red Hatは、CVE-2017-15095を報告してくれたLiao Xinxi氏（NSFOCUS）、CVE-2017-7233とCVE-2018-7536とCVE-2018-7537を報告してくれたDjangoプロジェクトに感謝の意を表します。CVE-2017-7536の問題はGunnar Morling氏（Red Hat）により発見され、CVE-2018-1096の問題はMartin Povolny氏（Red Hat）により発見されました。Red Hatは、CVE-2015-3208を報告してくれたDavid Jorm氏（IIX Product Security）に感謝の意を表します・追加の変更：この更新プログラムでは複数のバグが修正され、さまざまな拡張機能が追加されます。これらの変更に関するドキュメントは、「参照」セクションにリンクされているリリースノートのドキュメントから入手できます。

ソリューション

影響を受けるパッケージを更新してください。

参考資料

https://access.redhat.com/security/cve/cve-2017-12175

https://access.redhat.com/security/cve/cve-2017-15095

https://access.redhat.com/security/cve/cve-2017-15100

https://access.redhat.com/security/cve/cve-2018-1090

https://access.redhat.com/security/cve/cve-2018-1096

https://access.redhat.com/security/cve/cve-2018-1097

https://access.redhat.com/security/cve/cve-2018-5382

https://access.redhat.com/security/cve/cve-2018-7536

https://access.redhat.com/security/cve/cve-2018-7537

https://access.redhat.com/security/cve/cve-2018-10237

http://www.nessus.org/u?68e28b4d

https://access.redhat.com/errata/RHSA-2018:2927

https://access.redhat.com/security/cve/cve-2015-3208

https://access.redhat.com/security/cve/cve-2015-6644

https://access.redhat.com/security/cve/cve-2016-1000338

https://access.redhat.com/security/cve/cve-2016-1000339

https://access.redhat.com/security/cve/cve-2016-1000340

https://access.redhat.com/security/cve/cve-2016-1000341

https://access.redhat.com/security/cve/cve-2016-1000342

https://access.redhat.com/security/cve/cve-2016-1000343

https://access.redhat.com/security/cve/cve-2016-1000344

https://access.redhat.com/security/cve/cve-2016-1000345

https://access.redhat.com/security/cve/cve-2016-1000346

https://access.redhat.com/security/cve/cve-2016-1000352

https://access.redhat.com/security/cve/cve-2017-5929

https://access.redhat.com/security/cve/cve-2017-7233

https://access.redhat.com/security/cve/cve-2017-7536

https://access.redhat.com/security/cve/cve-2017-10689

https://access.redhat.com/security/cve/cve-2017-10690

プラグインの詳細

深刻度: Critical

ID: 118185

ファイル名: redhat-RHSA-2018-2927.nasl

バージョン: 1.9

タイプ: local

エージェント: unix

ファミリー: Red Hat Local Security Checks

公開日: 2018/10/18

更新日: 2022/12/5

サポートされているセンサー: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

リスク情報

VPR

リスクファクター: Medium

スコア: 6.7

CVSS v2

リスクファクター: High

基本値: 7.5

現状値: 5.5

ベクトル: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS スコアのソース: CVE-2018-5382

CVSS v3

リスクファクター: Critical

基本値: 9.8

現状値: 8.5

ベクトル: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

現状ベクトル: CVSS:3.0/E:U/RL:O/RC:C

脆弱性情報

CPE: p-cpe:/a:redhat:enterprise_linux:soappy, p-cpe:/a:redhat:enterprise_linux:ansiblerole-insights-client, p-cpe:/a:redhat:enterprise_linux:candlepin, p-cpe:/a:redhat:enterprise_linux:candlepin-selinux, p-cpe:/a:redhat:enterprise_linux:createrepo_c, p-cpe:/a:redhat:enterprise_linux:createrepo_c-debuginfo, p-cpe:/a:redhat:enterprise_linux:createrepo_c-libs, p-cpe:/a:redhat:enterprise_linux:foreman, p-cpe:/a:redhat:enterprise_linux:foreman-bootloaders-redhat, p-cpe:/a:redhat:enterprise_linux:foreman-bootloaders-redhat-tftpboot, p-cpe:/a:redhat:enterprise_linux:foreman-cli, p-cpe:/a:redhat:enterprise_linux:foreman-compute, p-cpe:/a:redhat:enterprise_linux:foreman-debug, p-cpe:/a:redhat:enterprise_linux:foreman-ec2, p-cpe:/a:redhat:enterprise_linux:foreman-gce, p-cpe:/a:redhat:enterprise_linux:foreman-installer, p-cpe:/a:redhat:enterprise_linux:foreman-installer-katello, p-cpe:/a:redhat:enterprise_linux:foreman-journald, p-cpe:/a:redhat:enterprise_linux:foreman-libvirt, p-cpe:/a:redhat:enterprise_linux:foreman-openstack, p-cpe:/a:redhat:enterprise_linux:foreman-ovirt, p-cpe:/a:redhat:enterprise_linux:foreman-postgresql, p-cpe:/a:redhat:enterprise_linux:foreman-proxy, p-cpe:/a:redhat:enterprise_linux:foreman-proxy-content, p-cpe:/a:redhat:enterprise_linux:foreman-rackspace, p-cpe:/a:redhat:enterprise_linux:foreman-selinux, p-cpe:/a:redhat:enterprise_linux:foreman-telemetry, p-cpe:/a:redhat:enterprise_linux:foreman-vmware, p-cpe:/a:redhat:enterprise_linux:hfsplus-tools, p-cpe:/a:redhat:enterprise_linux:hfsplus-tools-debuginfo, p-cpe:/a:redhat:enterprise_linux:katello, p-cpe:/a:redhat:enterprise_linux:katello-certs-tools, p-cpe:/a:redhat:enterprise_linux:katello-client-bootstrap, p-cpe:/a:redhat:enterprise_linux:katello-common, p-cpe:/a:redhat:enterprise_linux:katello-debug, p-cpe:/a:redhat:enterprise_linux:katello-installer-base, p-cpe:/a:redhat:enterprise_linux:katello-selinux, p-cpe:/a:redhat:enterprise_linux:rubygem-logging, p-cpe:/a:redhat:enterprise_linux:rubygem-mime-types, p-cpe:/a:redhat:enterprise_linux:rubygem-multi_json, p-cpe:/a:redhat:enterprise_linux:rubygem-netrc, p-cpe:/a:redhat:enterprise_linux:rubygem-newt, p-cpe:/a:redhat:enterprise_linux:rubygem-newt-debuginfo, p-cpe:/a:redhat:enterprise_linux:katello-service, p-cpe:/a:redhat:enterprise_linux:kobo, p-cpe:/a:redhat:enterprise_linux:libwebsockets, p-cpe:/a:redhat:enterprise_linux:libwebsockets-debuginfo, p-cpe:/a:redhat:enterprise_linux:liquibase, p-cpe:/a:redhat:enterprise_linux:livecd-tools, p-cpe:/a:redhat:enterprise_linux:mod_passenger, p-cpe:/a:redhat:enterprise_linux:mod_xsendfile, p-cpe:/a:redhat:enterprise_linux:mod_xsendfile-debuginfo, p-cpe:/a:redhat:enterprise_linux:ostree, p-cpe:/a:redhat:enterprise_linux:ostree-debuginfo, p-cpe:/a:redhat:enterprise_linux:pcp-mmvstatsd, p-cpe:/a:redhat:enterprise_linux:pulp-admin-client, p-cpe:/a:redhat:enterprise_linux:pulp-docker-admin-extensions, p-cpe:/a:redhat:enterprise_linux:pulp-docker-plugins, p-cpe:/a:redhat:enterprise_linux:pulp-katello, p-cpe:/a:redhat:enterprise_linux:pulp-maintenance, p-cpe:/a:redhat:enterprise_linux:pulp-ostree-admin-extensions, p-cpe:/a:redhat:enterprise_linux:pulp-ostree-plugins, p-cpe:/a:redhat:enterprise_linux:pulp-puppet-admin-extensions, p-cpe:/a:redhat:enterprise_linux:pulp-puppet-plugins, p-cpe:/a:redhat:enterprise_linux:pulp-puppet-tools, p-cpe:/a:redhat:enterprise_linux:pulp-rpm-admin-extensions, p-cpe:/a:redhat:enterprise_linux:pulp-rpm-plugins, p-cpe:/a:redhat:enterprise_linux:pulp-selinux, p-cpe:/a:redhat:enterprise_linux:pulp-server, p-cpe:/a:redhat:enterprise_linux:puppet-agent, p-cpe:/a:redhat:enterprise_linux:puppet-agent-oauth, p-cpe:/a:redhat:enterprise_linux:puppet-foreman_scap_client, p-cpe:/a:redhat:enterprise_linux:puppetlabs-stdlib, p-cpe:/a:redhat:enterprise_linux:puppetserver, p-cpe:/a:redhat:enterprise_linux:python-billiard-debuginfo, p-cpe:/a:redhat:enterprise_linux:python-blinker, p-cpe:/a:redhat:enterprise_linux:python-bson, p-cpe:/a:redhat:enterprise_linux:python-crane, p-cpe:/a:redhat:enterprise_linux:python-flask, p-cpe:/a:redhat:enterprise_linux:python-fpconst, p-cpe:/a:redhat:enterprise_linux:python-gnupg, p-cpe:/a:redhat:enterprise_linux:python-gofer, p-cpe:/a:redhat:enterprise_linux:python-gofer-qpid, p-cpe:/a:redhat:enterprise_linux:python-imgcreate, p-cpe:/a:redhat:enterprise_linux:python-isodate, p-cpe:/a:redhat:enterprise_linux:python-itsdangerous, p-cpe:/a:redhat:enterprise_linux:python-jinja2, p-cpe:/a:redhat:enterprise_linux:python-kid, p-cpe:/a:redhat:enterprise_linux:python-mongoengine, p-cpe:/a:redhat:enterprise_linux:python-nectar, p-cpe:/a:redhat:enterprise_linux:python-oauth2, p-cpe:/a:redhat:enterprise_linux:python-okaara, p-cpe:/a:redhat:enterprise_linux:python-pulp-bindings, p-cpe:/a:redhat:enterprise_linux:python-pulp-client-lib, p-cpe:/a:redhat:enterprise_linux:python-pulp-common, p-cpe:/a:redhat:enterprise_linux:python-pulp-docker-common, p-cpe:/a:redhat:enterprise_linux:python-pulp-integrity, p-cpe:/a:redhat:enterprise_linux:python-pulp-oid_validation, p-cpe:/a:redhat:enterprise_linux:python-pulp-ostree-common, p-cpe:/a:redhat:enterprise_linux:python-pulp-puppet-common, p-cpe:/a:redhat:enterprise_linux:python-pulp-repoauth, p-cpe:/a:redhat:enterprise_linux:python-pulp-rpm-common, p-cpe:/a:redhat:enterprise_linux:python-pulp-streamer, p-cpe:/a:redhat:enterprise_linux:python-pymongo, p-cpe:/a:redhat:enterprise_linux:python-pymongo-debuginfo, p-cpe:/a:redhat:enterprise_linux:python-pymongo-gridfs, p-cpe:/a:redhat:enterprise_linux:python-qpid, p-cpe:/a:redhat:enterprise_linux:python-qpid-proton, p-cpe:/a:redhat:enterprise_linux:python-qpid-qmf, p-cpe:/a:redhat:enterprise_linux:python-saslwrapper, p-cpe:/a:redhat:enterprise_linux:python-semantic_version, p-cpe:/a:redhat:enterprise_linux:python-simplejson, p-cpe:/a:redhat:enterprise_linux:python-simplejson-debuginfo, p-cpe:/a:redhat:enterprise_linux:python-twisted-core, p-cpe:/a:redhat:enterprise_linux:python-twisted-core-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-oauth, p-cpe:/a:redhat:enterprise_linux:rubygem-openscap, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:rubygem-powerbar, p-cpe:/a:redhat:enterprise_linux:rubygem-rake, p-cpe:/a:redhat:enterprise_linux:rubygem-rb-inotify, p-cpe:/a:redhat:enterprise_linux:rubygem-rest-client, p-cpe:/a:redhat:enterprise_linux:rubygem-rkerberos, p-cpe:/a:redhat:enterprise_linux:rubygem-rkerberos-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-rsec, p-cpe:/a:redhat:enterprise_linux:rubygem-rubyipmi, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_ansible, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_dhcp_remote_isc, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_discovery, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_discovery_image, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_dynflow, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_openscap, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_pulp, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_remote_execution_ssh, p-cpe:/a:redhat:enterprise_linux:rubygem-tilt, p-cpe:/a:redhat:enterprise_linux:saslwrapper, p-cpe:/a:redhat:enterprise_linux:python-twisted-web, p-cpe:/a:redhat:enterprise_linux:python-werkzeug, p-cpe:/a:redhat:enterprise_linux:python-zope-interface, p-cpe:/a:redhat:enterprise_linux:python-zope-interface-debuginfo, p-cpe:/a:redhat:enterprise_linux:python2-amqp, p-cpe:/a:redhat:enterprise_linux:python2-billiard, p-cpe:/a:redhat:enterprise_linux:python2-celery, p-cpe:/a:redhat:enterprise_linux:python2-django, p-cpe:/a:redhat:enterprise_linux:python2-kombu, p-cpe:/a:redhat:enterprise_linux:python2-vine, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-client, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-client-devel, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-debuginfo, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-server, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-server-linearstore, p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-debuginfo, p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-router, p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-tools, p-cpe:/a:redhat:enterprise_linux:qpid-proton-c, p-cpe:/a:redhat:enterprise_linux:qpid-proton-debuginfo, p-cpe:/a:redhat:enterprise_linux:qpid-qmf, p-cpe:/a:redhat:enterprise_linux:qpid-tools, p-cpe:/a:redhat:enterprise_linux:redhat-access-insights-puppet, p-cpe:/a:redhat:enterprise_linux:repoview, p-cpe:/a:redhat:enterprise_linux:rubygem-ansi, p-cpe:/a:redhat:enterprise_linux:rubygem-bundler_ext, p-cpe:/a:redhat:enterprise_linux:rubygem-clamp, p-cpe:/a:redhat:enterprise_linux:rubygem-concurrent-ruby, p-cpe:/a:redhat:enterprise_linux:rubygem-facter, p-cpe:/a:redhat:enterprise_linux:rubygem-fast_gettext, p-cpe:/a:redhat:enterprise_linux:rubygem-ffi, p-cpe:/a:redhat:enterprise_linux:rubygem-ffi-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-foreman_scap_client, p-cpe:/a:redhat:enterprise_linux:rubygem-gssapi, p-cpe:/a:redhat:enterprise_linux:rubygem-hashie, p-cpe:/a:redhat:enterprise_linux:rubygem-highline, p-cpe:/a:redhat:enterprise_linux:rubygem-kafo, p-cpe:/a:redhat:enterprise_linux:rubygem-kafo_parsers, p-cpe:/a:redhat:enterprise_linux:rubygem-kafo_wizards, p-cpe:/a:redhat:enterprise_linux:rubygem-little-plugger, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-mime-types, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-mime-types-data, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-mini_mime, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-multi_json, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-mustermann, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-nio4r, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-nio4r-debuginfo, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-nokogiri, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-nokogiri-debuginfo, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-rack, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-rack-protection, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-rack-test, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-rails, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-rails-dom-testing, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-rails-html-sanitizer, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-railties, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-sinatra, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-sprockets, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-sprockets-rails, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-sqlite3, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-sqlite3-debuginfo, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-thor, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-thread_safe, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-tilt, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-turbolinks, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-tzinfo, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-websocket-driver, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-websocket-driver-debuginfo, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-websocket-extensions, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-runtime, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activerecord-session_store, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-addressable, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-algebrick, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ancestry, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-anemone, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-angular-rails-templates, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-bindings, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-params, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-rails, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-audited, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-autoparse, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-awesome_print, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-bastion, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-bundler_ext, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-clamp, p-cpe:/a:redhat:enterprise_linux:saslwrapper-debuginfo, p-cpe:/a:redhat:enterprise_linux:satellite, p-cpe:/a:redhat:enterprise_linux:satellite-capsule, p-cpe:/a:redhat:enterprise_linux:satellite-cli, p-cpe:/a:redhat:enterprise_linux:satellite-common, p-cpe:/a:redhat:enterprise_linux:satellite-debug-tools, p-cpe:/a:redhat:enterprise_linux:satellite-installer, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-actioncable, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-actionmailer, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-actionpack, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-actionview, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-activejob, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-activemodel, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-activerecord, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-activesupport, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-arel, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-builder, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-coffee-rails, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-coffee-script, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-coffee-script-source, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-concurrent-ruby, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-crass, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-concurrent-ruby-edge, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-css_parser, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-daemons, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deacon, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deep_cloneable, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deface, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-diffy, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-docker-api, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-domain_name, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-dynflow, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-excon, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-extlib, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-facter, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-faraday, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fast_gettext, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ffi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ffi-debuginfo, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-aws, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-core, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-digitalocean, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-google, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-json, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-libvirt, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-openstack, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-ovirt, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-rackspace, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-vsphere, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-xenserver, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-xml, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-redhat_access, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-tasks, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-tasks-core, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_ansible, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_ansible_core, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_bootdisk, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_discovery, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_docker, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_hooks, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_openscap, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution_core, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_templates, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_theme_satellite, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_virt_who_configure, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-formatador, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-friendly_id, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-get_process_mem, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gettext_i18n_rails, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-git, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-google-api-client, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gssapi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_csv, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_admin, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_ansible, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_bootdisk, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_discovery, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_docker, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_openscap, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_remote_execution, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_tasks, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_templates, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_virt_who_configure, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_katello, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hashie, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-highline, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http-cookie, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ipaddress, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-jgrep, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-journald-logger, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-journald-native, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-journald-native-debuginfo, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-jwt, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-katello, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-launchy, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ldap_fluff, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-little-plugger, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-locale, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-logging, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-logging-journald, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-multipart-post, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ldap, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ping, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-scp, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ssh, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-erubi, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-execjs, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-globalid, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-i18n, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-loofah, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-mail, p-cpe:/a:redhat:enterprise_linux:tfm-ror51-rubygem-method_source, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ssh-krb, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-netrc, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-oauth, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ovirt-engine-sdk, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ovirt-engine-sdk-debuginfo, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ovirt_provision_plugin, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-parse-cron, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger-debuginfo, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pg, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pg-debuginfo, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-polyglot, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-powerbar, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-prometheus-client, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-qpid_messaging, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-qpid_messaging-debuginfo, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-quantile, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rabl, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack-jsonp, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rails-i18n, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rainbow, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rbovirt, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rbvmomi, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-record_tag_helper, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redhat_access, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redhat_access_lib, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-responders, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rest-client, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-retriable, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-roadie, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-roadie-rails, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-robotex, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby-libvirt, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby-libvirt-debuginfo, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby2ruby, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby_parser, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-runcible, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-safemode, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-scoped_search, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-secure_headers, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sequel, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sexp_processor, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-signet, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dynflow_core, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sshkey, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-statsd-instrument, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-trollop, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unf, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unf_ext, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unf_ext-debuginfo, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unicode, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unicode-debuginfo, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unicode-display_width, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-useragent, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-validates_lengths_from_database, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-webpack-rails, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-wicked, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-will_paginate, p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-x-editable-rails, p-cpe:/a:redhat:enterprise_linux:tfm-runtime, cpe:/o:redhat:enterprise_linux:7

必要な KB アイテム: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

エクスプロイトの容易さ: No known exploits are available

パッチ公開日: 2018/10/16

脆弱性公開日: 2016/1/6

参照情報

CVE: CVE-2015-3208, CVE-2015-6644, CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340, CVE-2016-1000341, CVE-2016-1000342, CVE-2016-1000343, CVE-2016-1000344, CVE-2016-1000345, CVE-2016-1000346, CVE-2016-1000352, CVE-2017-10689, CVE-2017-10690, CVE-2017-12175, CVE-2017-15095, CVE-2017-15100, CVE-2017-5929, CVE-2017-7233, CVE-2017-7536, CVE-2018-10237, CVE-2018-1090, CVE-2018-1096, CVE-2018-1097, CVE-2018-5382, CVE-2018-7536, CVE-2018-7537

RHSA: 2018:2927