CVE-2016-3072: SQL Injection
First published: Tue Mar 29 2016(Updated: )
Multiple SQL injection vulnerabilities in the scoped_search function in app/controllers/katello/api/v2/api_controller.rb in Katello allow remote authenticated users to execute arbitrary SQL commands via the (1) sort_by or (2) sort_order parameter.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Katello Katello | ||
| Redhat Enterprise Linux | =6.0 | |
| Redhat Enterprise Linux | =7.0 | |
| Redhat Satellite | =6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2016:1083
- https://bugzilla.redhat.com/show_bug.cgi?id=1322050
- https://github.com/Katello/katello/pull/6051
- https://x.x.x.x/katello/api/v2/organizations/1/sync_plans/1/products?available_for=sync_plan&full_result=true&page=1&search=&sort_by=name&sort_order=ASC
- http://katello_products.id
- http://katello_products.name
- https://github.com/Katello/katello/blob/KATELLO-3.0/app/controllers/katello/api/v2/api_controller.rb#L67
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-3072
- agent/last-modified-date
- agent/tags
- agent/severity
- agent/remedy
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/katello
- canonical/katello katello
- vendor/redhat
- canonical/redhat enterprise linux
- version/redhat enterprise linux/6.0
- version/redhat enterprise linux/7.0
- canonical/redhat satellite
- version/redhat satellite/6.1