Red Hat Satellite 6 allows a local user of the instance to read cache files. The credentials held in those cache files give full access via the API, so a local user on the Foreman server can gain complete control of the instance.
Mitigation: This flaw can be mitigated by manually changing the directory permissions to remove the read and execute bits for others:
# chmod 0750 /run/foreman
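As an added example (not from this bug report or the Foreman project), the following POSIX shell snippet checks whether a directory such as /run/foreman is still readable or traversable by "others", which is the condition this flaw depends on, and applies the chmod 0750 mitigation quoted above. The function names and the use of GNU stat's -c '%a' format are assumptions for illustration.

```shell
#!/bin/sh
# Added example; not part of the Red Hat bug or of Foreman itself.
# Checks the "others" permission bits of a directory and applies the
# mitigation from the bug (chmod 0750) when they are still set.

# others_bits DIR -> prints the "others" octal digit (0-7) of DIR's mode.
# Assumes GNU stat (Linux); '%a' prints e.g. 755 or 2750.
others_bits() {
    mode=$(stat -c '%a' "$1") || return 2
    printf '%s\n' "${mode#"${mode%?}"}"   # last digit = others
}

# dir_exposed DIR -> returns 0 when others can read (4) or traverse (1) DIR,
# i.e. when the cache files under it may be listed or opened by any local user.
dir_exposed() {
    o=$(others_bits "$1") || return 2
    [ $(( o & 5 )) -ne 0 ]
}

# mitigate DIR -> applies the mode recommended in the bug: owner rwx,
# group rx, no access for others.
mitigate() {
    chmod 0750 "$1"
}

# Typical use on an unpatched Satellite host (run as root):
#   if dir_exposed /run/foreman; then mitigate /run/foreman; fi
```

Two caveats a practitioner should keep in mind: the check looks only at the classic mode bits, not at POSIX ACLs (getfacl), and /run is normally a tmpfs recreated at boot, so a manual chmod is lost on reboot and must be re-applied until the fixed packages from the errata are installed.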
Acknowledgments: Name: Foreman project Upstream: Ewoud Kohl van Wijngaarden (Red Hat)
Please ignore comment 5 and comment 6 as these were meant for https://bugzilla.redhat.com/show_bug.cgi?id=1858302
This issue has been addressed in the following products: Red Hat Satellite 6.7 for RHEL 7 Via RHSA-2020:4127 https://access.redhat.com/errata/RHSA-2020:4127
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-14334
This issue has been addressed in the following products: Red Hat Satellite 6.7 for RHEL 8 Via RHSA-2020:4366 https://access.redhat.com/errata/RHSA-2020:4366