CVE-2024-4871
MEDIUMRed Hat Satellite Remote Execution - SSH Host Key Verification Bypass
Title source: manualDescription
A vulnerability was found in Satellite. When running a remote execution job on a host, the host's SSH key is not being checked. When the key changes, the Satellite still connects it because it uses "-o StrictHostKeyChecking=no". This flaw can lead to a man-in-the-middle attack (MITM), denial of service, leaking of secrets the remote execution job contains, or other issues that may arise from the attacker's ability to forge an SSH key. This issue does not directly allow unauthorized remote execution on the Satellite, although it can leak secrets that may lead to it.
References (3)
Core 3
Core References
Vendor Advisory vdb-entry
x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2024-4871
Issue Tracking issue-tracking
x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2278627
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHBA-2024:4589
Scores
CVSS v3
6.8
EPSS
0.0304
EPSS Percentile
86.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-322
Status
published
Products (12)
Red Hat/Red Hat Satellite 6.15 for RHEL 8
0:0.10.6-1.el8sat
Red Hat/Red Hat Satellite 6.15 for RHEL 8
0:1.8.3-1.el8sat
Red Hat/Red Hat Satellite 6.15 for RHEL 8
0:12.0.7-1.el8sat
Red Hat/Red Hat Satellite 6.15 for RHEL 8
0:13.0.6-1.el8sat
Red Hat/Red Hat Satellite 6.15 for RHEL 8
0:2.16.9-1.el8pc
Red Hat/Red Hat Satellite 6.15 for RHEL 8
0:3.0.0-1.el8sat
Red Hat/Red Hat Satellite 6.15 for RHEL 8
0:3.39.15-1.el8pc
Red Hat/Red Hat Satellite 6.15 for RHEL 8
0:3.9.1.8-1.el8sat
Red Hat/Red Hat Satellite 6.15 for RHEL 8
0:4.11.0.15-1.el8sat
Red Hat/Red Hat Satellite 6.15 for RHEL 8
0:4.3.14-1.el8sat
... and 2 more
Published
May 14, 2024
Tracked Since
Feb 18, 2026