CVE-2012-3503: Katello uses hard coded credential

CVSS Score (v3.1): 9.8

Basic Information

EPSS Score: 0.78831%
Published: 5/17/2022
Updated: 4/12/2024
KEV Status: No
Technology: Ruby

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Package Name | Ecosystem | Vulnerable Versions | First Patched Version
katello      | rubygems  | < 1.0.6             | 1.0.6
katello      | rubygems  | >= 1.1.0, < 1.1.7   | 1.1.7

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from the static assignment of Application.config.secret_token in secret_token.rb, as shown in the pre-patch code. The commit diff explicitly replaces this hard-coded value with dynamic generation logic. While the RPM spec file's postun script placement was incorrect, the root vulnerability manifests in the application's use of a non-unique secret token defined in this initializer file. The CWE-798 classification and patch confirmation further validate this as the vulnerable function.
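As an added illustration of the two shapes the analysis contrasts (this is not Katello's own code; the token value, the secret file path and the helper names are constructed for the example), a Ruby sketch of the hard-coded initializer beside a per-installation secret, with a small check that flags the weak form:

```ruby
# Added example, not Katello's code: the hard-coded secret_token pattern from
# the advisory beside a per-installation secret, plus an audit check.
require 'securerandom'
require 'fileutils'
require 'tmpdir'

# Vulnerable shape: a literal token baked into config/initializers/secret_token.rb.
# Every install built from the same package shares it, so the token is not a
# secret at all. (The value below is a constructed sample, not the real one.)
WEAK_INITIALIZER = <<~RUBY
  Application.config.secret_token = '4f1c9e0b7a2d6e8f13579bdf02468ace4f1c9e0b7a2d6e8f13579bdf02468ace'
RUBY

# Fixed shape: the initializer loads a secret generated once per installation
# and stored outside the package. (The path is an assumption for the example.)
SAFE_INITIALIZER = <<~RUBY
  Application.config.secret_token = load_or_create_secret_token('/etc/katello/secret_token')
RUBY

# Returns this install's secret, generating a 512-bit random token on first use.
# The file is created with mode 0600 so only the service account can read it.
def load_or_create_secret_token(path)
  if File.exist?(path)
    existing = File.read(path).strip
    return existing unless existing.empty?
  end
  token = SecureRandom.hex(64)
  FileUtils.mkdir_p(File.dirname(path))
  File.open(path, File::WRONLY | File::CREAT | File::TRUNC, 0o600) { |f| f.write(token) }
  File.chmod(0o600, path) # explicit, so the result does not depend on umask
  token
end

# Audit check: true when secret_token is assigned a string literal directly
# (the shape the patch removed), false when it is computed at boot.
def hardcoded_secret_token?(initializer_source)
  initializer_source.match?(/secret_token\s*=\s*(['"])[^'"\n]{16,}\1/)
end

# Simulates two independent installs: their tokens must differ, and a token
# must stay stable across restarts of the same install.
def per_install_tokens_distinct?
  Dir.mktmpdir do |a|
    Dir.mktmpdir do |b|
      ta = load_or_create_secret_token(File.join(a, 'secret_token'))
      tb = load_or_create_secret_token(File.join(b, 'secret_token'))
      ta != tb && ta == load_or_create_secret_token(File.join(a, 'secret_token'))
    end
  end
end
```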

WAF Protection Rules

WAF Rule

The installation script in Katello 1.1 and earlier does not properly generate the `Application.config.secret_token` value, which causes each default installation to have the same secret token, and allows remote attackers to authenticate to the CloudF
