Language:
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2250765
https://bugzilla.redhat.com/show_bug.cgi?id=2255331
https://bugzilla.redhat.com/show_bug.cgi?id=2259479
https://bugzilla.redhat.com/show_bug.cgi?id=2266045
https://bugzilla.redhat.com/show_bug.cgi?id=2268017
https://bugzilla.redhat.com/show_bug.cgi?id=2268019
https://bugzilla.redhat.com/show_bug.cgi?id=2268273
https://bugzilla.redhat.com/show_bug.cgi?id=2269576
https://bugzilla.redhat.com/show_bug.cgi?id=2269617
https://bugzilla.redhat.com/show_bug.cgi?id=2270236
https://bugzilla.redhat.com/show_bug.cgi?id=2272563
https://bugzilla.redhat.com/show_bug.cgi?id=2274779
https://bugzilla.redhat.com/show_bug.cgi?id=2275106
https://bugzilla.redhat.com/show_bug.cgi?id=2275280
https://bugzilla.redhat.com/show_bug.cgi?id=2275989
https://bugzilla.redhat.com/show_bug.cgi?id=2277035
https://bugzilla.redhat.com/show_bug.cgi?id=2278038
https://bugzilla.redhat.com/show_bug.cgi?id=2278710
https://bugzilla.redhat.com/show_bug.cgi?id=2279476
https://bugzilla.redhat.com/show_bug.cgi?id=2282114
https://issues.redhat.com/browse/AAH-3111
https://issues.redhat.com/browse/AAP-22461
深刻度: High
ID: 200272
ファイル名: redhat-RHSA-2024-3781.nasl
バージョン: 1.2
タイプ: local
エージェント: unix
公開日: 2024/6/10
更新日: 2024/11/7
サポートされているセンサー: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
リスクファクター: Medium
スコア: 5.9
Vendor Severity: Moderate
リスクファクター: High
基本値: 7.6
現状値: 6
ベクトル: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS スコアのソース: CVE-2023-50447
リスクファクター: High
基本値: 8.1
現状値: 7.3
ベクトル: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
現状ベクトル: CVSS:3.0/E:P/RL:O/RC:C
リスクファクター: High
Base Score: 8.9
Threat Score: 8.9
Threat Vector: CVSS:4.0/E:P
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS スコアのソース: CVE-2023-49083
CPE: p-cpe:/a:redhat:enterprise_linux:python3-requests, p-cpe:/a:redhat:enterprise_linux:python3x-aiohttp, p-cpe:/a:redhat:enterprise_linux:python3-black, p-cpe:/a:redhat:enterprise_linux:python3-pydantic, p-cpe:/a:redhat:enterprise_linux:python3x-idna, p-cpe:/a:redhat:enterprise_linux:python3x-black, p-cpe:/a:redhat:enterprise_linux:python-pillow, p-cpe:/a:redhat:enterprise_linux:python-galaxy-ng, p-cpe:/a:redhat:enterprise_linux:python3x-cryptography, cpe:/o:redhat:enterprise_linux:9, p-cpe:/a:redhat:enterprise_linux:python3x-requests, p-cpe:/a:redhat:enterprise_linux:python-black, p-cpe:/a:redhat:enterprise_linux:python3x-galaxy-ng, p-cpe:/a:redhat:enterprise_linux:receptor, p-cpe:/a:redhat:enterprise_linux:automation-controller-venv-tower, p-cpe:/a:redhat:enterprise_linux:python-jinja2, p-cpe:/a:redhat:enterprise_linux:python-requests, p-cpe:/a:redhat:enterprise_linux:python39-social-auth-app-django, p-cpe:/a:redhat:enterprise_linux:python3x-jinja2, cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:redhat:enterprise_linux:python-sqlparse, p-cpe:/a:redhat:enterprise_linux:python3x-pydantic, p-cpe:/a:redhat:enterprise_linux:python3-sqlparse, p-cpe:/a:redhat:enterprise_linux:python3x-sqlparse, p-cpe:/a:redhat:enterprise_linux:python39-aiohttp, p-cpe:/a:redhat:enterprise_linux:python3-aiohttp, p-cpe:/a:redhat:enterprise_linux:python3-social-auth-app-django, p-cpe:/a:redhat:enterprise_linux:python3-pillow, p-cpe:/a:redhat:enterprise_linux:python39-gunicorn, p-cpe:/a:redhat:enterprise_linux:python39-requests, p-cpe:/a:redhat:enterprise_linux:python3x-gunicorn, p-cpe:/a:redhat:enterprise_linux:python39-galaxy-ng, p-cpe:/a:redhat:enterprise_linux:python39-sqlparse, p-cpe:/a:redhat:enterprise_linux:python39-jinja2, p-cpe:/a:redhat:enterprise_linux:receptorctl, p-cpe:/a:redhat:enterprise_linux:python3-cryptography, p-cpe:/a:redhat:enterprise_linux:python-gunicorn, p-cpe:/a:redhat:enterprise_linux:python3-galaxy-ng, p-cpe:/a:redhat:enterprise_linux:python39-black, p-cpe:/a:redhat:enterprise_linux:python39-cryptography, p-cpe:/a:redhat:enterprise_linux:python39-idna, p-cpe:/a:redhat:enterprise_linux:python39-pillow, p-cpe:/a:redhat:enterprise_linux:python-cryptography, p-cpe:/a:redhat:enterprise_linux:python3x-pillow, p-cpe:/a:redhat:enterprise_linux:automation-hub, p-cpe:/a:redhat:enterprise_linux:python-social-auth-app-django, p-cpe:/a:redhat:enterprise_linux:python3-jinja2, p-cpe:/a:redhat:enterprise_linux:python39-pydantic, p-cpe:/a:redhat:enterprise_linux:python-pydantic, p-cpe:/a:redhat:enterprise_linux:python-idna, p-cpe:/a:redhat:enterprise_linux:python3x-social-auth-app-django, p-cpe:/a:redhat:enterprise_linux:python3-idna, p-cpe:/a:redhat:enterprise_linux:python-aiohttp, p-cpe:/a:redhat:enterprise_linux:python3-gunicorn
必要な KB アイテム: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
エクスプロイトが利用可能: true
エクスプロイトの容易さ: Exploits are available
パッチ公開日: 2024/6/10
脆弱性公開日: 2023/10/25
CVE: CVE-2023-45288, CVE-2023-45290, CVE-2023-49083, CVE-2023-50447, CVE-2023-5752, CVE-2024-1135, CVE-2024-21503, CVE-2024-24783, CVE-2024-26130, CVE-2024-27306, CVE-2024-27351, CVE-2024-28219, CVE-2024-28849, CVE-2024-30251, CVE-2024-32879, CVE-2024-34064, CVE-2024-35195, CVE-2024-3651, CVE-2024-3772, CVE-2024-4340