CVE-2016-4455
First published: Fri May 27 2016(Updated: )
/var/lib/rhsm/cache/entitlement_status.json and /var/lib/rhsm/facts/facts.json are world readable but contain sensitive information (Red Hat Contract number and hardware serial number, sufficient to authenticate again Red Hat and hardware vendor support) can could be used by an attacker to perform a social engineering attack. Upstream patch: <a href="https://github.com/candlepin/subscription-manager/commit/9dec31">https://github.com/candlepin/subscription-manager/commit/9dec31</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Enterprise Linux Desktop | =6.0 | |
| Red Hat Enterprise Linux Desktop | =7.0 | |
| Red Hat Enterprise Linux HPC Node | =6.0 | |
| Red Hat Enterprise Linux HPC Node | =7.0 | |
| Red Hat Enterprise Linux Server | =6.0 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Workstation | =6.0 | |
| Red Hat Enterprise Linux Workstation | =7.0 | |
| Red Hat Subscription Manager | <=1.17.6-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/candlepin/subscription-manager/commit/9dec31
- https://rhn.redhat.com/errata/RHSA-2016-2592.html
- https://rhn.redhat.com/errata/RHSA-2017-0698.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1340525
- http://rhn.redhat.com/errata/RHSA-2016-2592.html
- http://rhn.redhat.com/errata/RHSA-2017-0698.html
- http://www.openwall.com/lists/oss-security/2016/10/26/5
- http://www.securityfocus.com/bid/93926
- http://www.securitytracker.com/id/1038083
- https://github.com/candlepin/subscription-manager/blob/subscription-manager-1.17.7-1/subscription-manager.spec
Frequently Asked Questions
What is the severity of CVE-2016-4455?
CVE-2016-4455 is classified as a moderate severity vulnerability.
How do I fix CVE-2016-4455?
To fix CVE-2016-4455, ensure that the permissions on /var/lib/rhsm/cache/entitlement_status.json and /var/lib/rhsm/facts/facts.json are properly restricted.
What type of information is exposed in CVE-2016-4455?
CVE-2016-4455 exposes sensitive information such as the Red Hat Contract number and hardware serial number.
Which versions of Red Hat are affected by CVE-2016-4455?
CVE-2016-4455 affects Red Hat Enterprise Linux versions 6.0 and 7.0, along with Red Hat Subscription Manager up to version 1.17.6-1.
Can CVE-2016-4455 be exploited by attackers?
Yes, an attacker could exploit CVE-2016-4455 to access sensitive information that may assist in unauthorized authentication.
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/remedy
- agent/last-modified-date
- agent/description
- agent/author
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-4455
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/6.0
- version/red hat enterprise linux desktop/7.0
- canonical/red hat enterprise linux hpc node
- version/red hat enterprise linux hpc node/6.0
- version/red hat enterprise linux hpc node/7.0
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/6.0
- version/red hat enterprise linux server/7.0
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/6.0
- version/red hat enterprise linux workstation/7.0
- canonical/red hat subscription manager
- version/red hat subscription manager/1.17.6-1