CVE-2021-40348

Name of the Vulnerable Software and Affected Versions Spacewalk version 2.10 Uyuni version 2021.08 Uyuni spacewalk-admin versions prior to 4.3.2-1

Description The issue allows code injection due to the lack of sanitization of the configuration filename used by the rhn-config-satellite.pl script to append Spacewalk-specific key-value pairs. This script is intended to be run by the tomcat user account with Sudo, according to the installation setup. An attacker can use the --option to append arbitrary code to a root-owned file that will eventually be executed by the system.

Recommendations For Spacewalk version 2.10, update to a version that includes the fix for this issue. For Uyuni version 2021.08, update Uyuni spacewalk-admin to version 4.3.2-1 or later. For Uyuni spacewalk-admin versions prior to 4.3.2-1, update to version 4.3.2-1 or later. As a temporary workaround, consider restricting the execution of the rhn-config-satellite.pl script to prevent potential code injection attacks.