Oval Definition:oval:org.opensuse.security:def:202140323
Revision Date:2022-05-25Version:1
Title:CVE-2021-40323
Description:

Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2021-40323
SUSE CVE-2021-40323
SUSE-SU-2021:3151-1
SUSE-SU-2021:3170-1
openSUSE-SU-2022:0062-1
Platform(s):Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure
Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM
Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
openSUSE Leap 15.3
SUSE Linux Enterprise Module for SUSE Manager Server 4.1
SUSE Linux Enterprise Module for SUSE Manager Server 4.2
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND Package Information
  • cobbler-3.1.2-bp153.2.3.1 is installed
  • AND cobbler is signed with openSUSE key
  • OR
  • cobbler-tests-3.1.2-bp153.2.3.1 is installed
  • AND cobbler-tests is signed with openSUSE key
  • OR
  • cobbler-web-3.1.2-bp153.2.3.1 is installed
  • AND cobbler-web is signed with openSUSE key
    • Definition Synopsis
  • SUSE Linux Enterprise Module for SUSE Manager Server 4.1 is installed
  • AND cobbler-3.0.0+git20190806.32c4bae0-8.22.6.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • AND release-notes-susemanager-proxy-4.2.2-3.12.1 is installed
  • OR Package Information
  • SUSE Manager Server 4.2 is installed
  • AND release-notes-susemanager-4.2.2-3.12.1 is installed
  • OR Package Information
  • Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure is installed
  • OR Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM is installed
  • OR Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE is installed
  • AND
  • python3-spacewalk-certs-tools-4.2.12-3.6.2 is installed
  • OR python3-spacewalk-client-tools-4.2.13-4.6.3 is installed
  • OR spacewalk-backend-4.2.16-4.6.3 is installed
  • OR spacewalk-base-minimal-4.2.21-3.6.3 is installed
  • OR spacewalk-base-minimal-config-4.2.21-3.6.3 is installed
  • OR spacewalk-certs-tools-4.2.12-3.6.2 is installed
  • OR spacewalk-client-tools-4.2.13-4.6.3 is installed
  • OR spacewalk-proxy-installer-4.2.6-3.6.2 is installed
  • OR susemanager-build-keys-15.3.5-3.3.1 is installed
  • OR susemanager-build-keys-web-15.3.5-3.3.1 is installed
  • OR Package Information
  • Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure is installed
  • OR Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM is installed
  • AND
  • cobbler-3.1.2-5.8.1 is installed
  • OR cpu-mitigations-formula-0.4.0-3.3.1 is installed
  • OR py26-compat-salt-2016.11.10-11.28.6.1 is installed
  • OR py27-compat-salt-3000.3-7.7.8.1 is installed
  • OR python3-spacewalk-certs-tools-4.2.12-3.6.2 is installed
  • OR python3-spacewalk-client-tools-4.2.13-4.6.3 is installed
  • OR spacecmd-4.2.12-4.6.2 is installed
  • OR spacewalk-backend-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-app-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-applet-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-config-files-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-config-files-common-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-config-files-tool-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-iss-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-iss-export-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-package-push-server-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-server-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-sql-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-sql-postgresql-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-tools-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-xml-export-libs-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-xmlrpc-4.2.16-4.6.3 is installed
  • OR spacewalk-base-4.2.21-3.6.3 is installed
  • OR spacewalk-base-minimal-4.2.21-3.6.3 is installed
  • OR spacewalk-base-minimal-config-4.2.21-3.6.3 is installed
  • OR spacewalk-certs-tools-4.2.12-3.6.2 is installed
  • OR spacewalk-client-tools-4.2.13-4.6.3 is installed
  • OR spacewalk-html-4.2.21-3.6.3 is installed
  • OR spacewalk-java-4.2.28-3.11.5 is installed
  • OR spacewalk-java-config-4.2.28-3.11.5 is installed
  • OR spacewalk-java-lib-4.2.28-3.11.5 is installed
  • OR spacewalk-java-postgresql-4.2.28-3.11.5 is installed
  • OR spacewalk-setup-4.2.8-3.6.1 is installed
  • OR spacewalk-taskomatic-4.2.28-3.11.5 is installed
  • OR spacewalk-utils-4.2.13-3.6.1 is installed
  • OR susemanager-4.2.22-3.6.1 is installed
  • OR susemanager-build-keys-15.3.5-3.3.1 is installed
  • OR susemanager-build-keys-web-15.3.5-3.3.1 is installed
  • OR susemanager-doc-indexes-4.2-12.8.1 is installed
  • OR susemanager-docs_en-4.2-12.8.1 is installed
  • OR susemanager-docs_en-pdf-4.2-12.8.1 is installed
  • OR susemanager-schema-4.2.17-3.6.2 is installed
  • OR susemanager-sls-4.2.16-3.6.1 is installed
  • OR susemanager-sync-data-4.2.8-3.6.1 is installed
  • OR susemanager-tools-4.2.22-3.6.1 is installed
  • OR susemanager-web-libs-4.2.21-3.6.3 is installed
  • OR Package Information
  • Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE is installed
  • AND
  • cobbler-3.1.2-5.8.1 is installed
  • OR cpu-mitigations-formula-0.4.0-3.3.1 is installed
  • OR py26-compat-salt-2016.11.10-11.28.6.1 is installed
  • OR py27-compat-salt-3000.3-7.7.8.1 is installed
  • OR python3-spacewalk-certs-tools-4.2.12-3.6.2 is installed
  • OR python3-spacewalk-client-tools-4.2.13-4.6.3 is installed
  • OR spacecmd-4.2.12-4.6.2 is installed
  • OR spacewalk-backend-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-app-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-applet-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-config-files-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-config-files-common-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-config-files-tool-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-iss-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-iss-export-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-package-push-server-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-server-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-sql-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-sql-postgresql-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-tools-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-xml-export-libs-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-xmlrpc-4.2.16-4.6.3 is installed
  • OR spacewalk-base-4.2.21-3.6.3 is installed
  • OR spacewalk-base-minimal-4.2.21-3.6.3 is installed
  • OR spacewalk-base-minimal-config-4.2.21-3.6.3 is installed
  • OR spacewalk-certs-tools-4.2.12-3.6.2 is installed
  • OR spacewalk-client-tools-4.2.13-4.6.3 is installed
  • OR spacewalk-html-4.2.21-3.6.3 is installed
  • OR spacewalk-java-4.2.28-3.11.5 is installed
  • OR spacewalk-java-config-4.2.28-3.11.5 is installed
  • OR spacewalk-java-lib-4.2.28-3.11.5 is installed
  • OR spacewalk-java-postgresql-4.2.28-3.11.5 is installed
  • OR spacewalk-setup-4.2.8-3.6.1 is installed
  • OR spacewalk-taskomatic-4.2.28-3.11.5 is installed
  • OR spacewalk-utils-4.2.13-3.6.1 is installed
  • OR susemanager-4.2.22-3.6.1 is installed
  • OR susemanager-build-keys-15.3.5-3.3.1 is installed
  • OR susemanager-build-keys-web-15.3.5-3.3.1 is installed
  • OR susemanager-doc-indexes-4.2-12.8.1 is installed
  • OR susemanager-docs_en-4.2-12.8.1 is installed
  • OR susemanager-docs_en-pdf-4.2-12.8.1 is installed
  • OR susemanager-schema-4.2.17-3.6.2 is installed
  • OR susemanager-sls-4.2.16-3.6.1 is installed
  • OR susemanager-sync-data-4.2.8-3.6.1 is installed
  • OR susemanager-tools-4.2.22-3.6.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Module for SUSE Manager Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND
  • branch-network-formula-0.1.1628156312.dbd0dec-3.3.1 is installed
  • OR cobbler-3.1.2-5.8.1 is installed
  • OR cpu-mitigations-formula-0.4.0-3.3.1 is installed
  • OR inter-server-sync-0.0.5-8.3.2 is installed
  • OR openvpn-formula-0.1.2-3.3.1 is installed
  • OR prometheus-exporters-formula-1.0.3-3.6.1 is installed
  • OR py26-compat-salt-2016.11.10-11.28.6.1 is installed
  • OR py27-compat-salt-3000.3-7.7.8.1 is installed
  • OR python3-spacewalk-certs-tools-4.2.12-3.6.2 is installed
  • OR python3-spacewalk-client-tools-4.2.13-4.6.3 is installed
  • OR saltboot-formula-0.1.1628156312.dbd0dec-3.3.1 is installed
  • OR spacecmd-4.2.12-4.6.2 is installed
  • OR spacewalk-backend-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-app-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-applet-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-config-files-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-config-files-common-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-config-files-tool-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-iss-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-iss-export-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-package-push-server-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-server-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-sql-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-sql-postgresql-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-tools-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-xml-export-libs-4.2.16-4.6.3 is installed
  • OR spacewalk-backend-xmlrpc-4.2.16-4.6.3 is installed
  • OR spacewalk-base-4.2.21-3.6.3 is installed
  • OR spacewalk-base-minimal-4.2.21-3.6.3 is installed
  • OR spacewalk-base-minimal-config-4.2.21-3.6.3 is installed
  • OR spacewalk-certs-tools-4.2.12-3.6.2 is installed
  • OR spacewalk-client-tools-4.2.13-4.6.3 is installed
  • OR spacewalk-html-4.2.21-3.6.3 is installed
  • OR spacewalk-java-4.2.28-3.11.5 is installed
  • OR spacewalk-java-config-4.2.28-3.11.5 is installed
  • OR spacewalk-java-lib-4.2.28-3.11.5 is installed
  • OR spacewalk-java-postgresql-4.2.28-3.11.5 is installed
  • OR spacewalk-setup-4.2.8-3.6.1 is installed
  • OR spacewalk-taskomatic-4.2.28-3.11.5 is installed
  • OR spacewalk-utils-4.2.13-3.6.1 is installed
  • OR spacewalk-utils-extras-4.2.13-3.6.1 is installed
  • OR susemanager-4.2.22-3.6.1 is installed
  • OR susemanager-build-keys-15.3.5-3.3.1 is installed
  • OR susemanager-build-keys-web-15.3.5-3.3.1 is installed
  • OR susemanager-doc-indexes-4.2-12.8.1 is installed
  • OR susemanager-docs_en-4.2-12.8.1 is installed
  • OR susemanager-docs_en-pdf-4.2-12.8.1 is installed
  • OR susemanager-schema-4.2.17-3.6.2 is installed
  • OR susemanager-sls-4.2.16-3.6.1 is installed
  • OR susemanager-sync-data-4.2.8-3.6.1 is installed
  • OR susemanager-tools-4.2.22-3.6.1 is installed
  • OR susemanager-web-libs-4.2.21-3.6.3 is installed
  • OR uyuni-config-modules-4.2.16-3.6.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for SUSE Manager Server 4.1 is installed
  • OR SUSE Manager Server 4.1 is installed
  • AND cobbler-3.0.0+git20190806.32c4bae0-8.22.6.1 is installed
  • OR Package Information
  • Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure is installed
  • OR Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM is installed
  • OR Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE is installed
  • AND cobbler-3.0.0+git20190806.32c4bae0-8.22.6.1 is installed
    • BACK