Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: Vulnerability
Labels:
- cee
- support-case-open

Severity:
Moderate
Ready:
False
Blocked:
False
Blocked Reason:

Hide

None

Show
None

SFDC Cases Counter:
SFDC Cases Links:

Description

** Note that this is a public ticket, please refrain from adding any sensitive data. **

Description:

False positive for CVE 2022-32224 even after all packages have been updated listed in the RHSA-2023:1151 - Security Advisory. 

Installed packages: 

foreman-3.1.1.26-1.el7sat.noarch                            Wed Jun  7 12:01:59 2023
tfm-rubygem-activerecord-6.0.6-2.el7sat.noarch              Wed Jun  7 12:01:25 2023
satellite-6.11.5.3-1.el7sat.noarch                          Wed Jun  7 12:02:48 2023
 
[1]https://access.redhat.com/security/cve/CVE-2022-32224
[2]https://access.redhat.com/errata/RHSA-2023:1151

Steps to Reproduce:

1. Register Satellite 6.11 with Insights
2. Run 'insights-client' command

How reproducible: (Always / Intermittent / Random)

Always

Actual Results:

Even after installing RHSA-2023:1151 errata, satellite server is flagged with CVE 2022-32224

Expected results:

CVE 2022-32224 should be removed from the satellite host profile in Insights UI.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Screenshot from 2023-08-10 08-49-29.png
13 kB
2023/08/10 1:04 PM
Screenshot from 2023-08-10 08-54-31.png
129 kB
2023/08/10 1:04 PM
Screenshot from 2023-08-10 08-59-43.png
16 kB
2023/08/10 1:04 PM
Screenshot from 2023-08-10 09-03-55.png
139 kB
2023/08/10 1:04 PM

Activity

People

Assignee:: Jan Dobes

Reporter:: Nikhil Gupta

Votes:: 0 Vote for this issue

Watchers:: 15 Start watching this issue

Dates

Created:: 2023/06/23 6:50 AM

Updated:: 2023/08/10 1:05 PM

Resolved:: 2023/08/10 1:05 PM