2278627 – (CVE-2024-4871) CVE-2024-4871 foreman: Host ssh key not being checked in remote execution

Bug 2278627 (CVE-2024-4871) - CVE-2024-4871 foreman: Host ssh key not being checked in remote execution

Summary: CVE-2024-4871 foreman: Host ssh key not being checked in remote execution

Keywords:
Status:	NEW
Alias:	CVE-2024-4871
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2278628 2278629 2278630 2278631
Blocks:	2278625
TreeView+	depends on / blocked

Reported:	2024-05-02 13:22 UTC by Patrick Del Bello
Modified:	2024-06-07 12:56 UTC (History)
CC List:	13 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Patrick Del Bello 2024-05-02 13:22:59 UTC

When running a remote execution job on a host, the ssh key of the host is not being checked. When the key changes, the Satellite connects it anyway because it uses "-o StrictHostKeyChecking=no". This can lead to MITM, DoS, leaking of whatever secrets the remote execution job contains, or whatever other issues may arise from the attacker being able to forge a ssh key.
This does not directly allow unauthorized remote execution on the Satellite (although it can leak secrets leading to it)..

Note You need to log in before you can comment on or make changes to this bug.