CVE: CVE-2012-3503

Export to Word

The installation script in Katello 1.0 and earlier does not properly generate the Application.config.secret_token value, which causes each default installation to have the same secret token, and allows remote attackers to authenticate to the CloudForms System Engine web interface as an arbitrary user by creating a cookie using the default secret_token.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.01303
Percentile: 0.78865

CVSS Scoring

CVSS v3.1 Score: 9.8

Severity: CRITICAL

Mapped CWE(s)

CWE-798 : Use of Hard-coded Credentials

All CAPEC(s)

CAPEC-191: Read Sensitive Constants Within an Executable
CAPEC-70: Try Common or Default Usernames and Passwords

CAPEC(s) with Mapped TTPs

CAPEC-191: Read Sensitive Constants Within an Executable
Mapped TTPs:
- T1552.001 : Credentials In Files
CAPEC-70: Try Common or Default Usernames and Passwords
Mapped TTPs:
- T1078.001 : Default Accounts

Mapped ATT&CK TTPs

T1552.001 : Credentials In Files
Kill Chain: credential-access
T1078.001 : Default Accounts
Kill Chain: defense-evasion

Malware

APTs Threat Group Associations

Campaigns

Leviathan Australian Intrusions
HomeLand Justice

Affected Products

cpe:2.3:a:theforeman:katello:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

← Back to Home