vulnerability

CentOS Linux: CVE-2022-23837: Moderate: Satellite 6.11 Release (CESA-2022:5498)

Try Surface Command
Back to search
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jan 21, 2022
Added
Jul 14, 2022
Modified
May 25, 2023

Description

In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users.

Solutions

centos-upgrade-foreman-clicentos-upgrade-rubygem-amazing_printcentos-upgrade-rubygem-apipie-bindingscentos-upgrade-rubygem-clampcentos-upgrade-rubygem-domain_namecentos-upgrade-rubygem-fast_gettextcentos-upgrade-rubygem-foreman_maintaincentos-upgrade-rubygem-hammer_clicentos-upgrade-rubygem-hammer_cli_foremancentos-upgrade-rubygem-hammer_cli_foreman_admincentos-upgrade-rubygem-hammer_cli_foreman_ansiblecentos-upgrade-rubygem-hammer_cli_foreman_azure_rmcentos-upgrade-rubygem-hammer_cli_foreman_bootdiskcentos-upgrade-rubygem-hammer_cli_foreman_discoverycentos-upgrade-rubygem-hammer_cli_foreman_openscapcentos-upgrade-rubygem-hammer_cli_foreman_remote_executioncentos-upgrade-rubygem-hammer_cli_foreman_taskscentos-upgrade-rubygem-hammer_cli_foreman_templatescentos-upgrade-rubygem-hammer_cli_foreman_virt_who_configurecentos-upgrade-rubygem-hammer_cli_foreman_webhookscentos-upgrade-rubygem-hammer_cli_katellocentos-upgrade-rubygem-hashiecentos-upgrade-rubygem-highlinecentos-upgrade-rubygem-http-cookiecentos-upgrade-rubygem-jwtcentos-upgrade-rubygem-little-pluggercentos-upgrade-rubygem-localecentos-upgrade-rubygem-loggingcentos-upgrade-rubygem-mime-typescentos-upgrade-rubygem-mime-types-datacentos-upgrade-rubygem-multi_jsoncentos-upgrade-rubygem-netrccentos-upgrade-rubygem-oauthcentos-upgrade-rubygem-powerbarcentos-upgrade-rubygem-rest-clientcentos-upgrade-rubygem-unfcentos-upgrade-rubygem-unf_extcentos-upgrade-rubygem-unf_ext-debuginfocentos-upgrade-rubygem-unf_ext-debugsourcecentos-upgrade-rubygem-unicodecentos-upgrade-rubygem-unicode-debuginfocentos-upgrade-rubygem-unicode-debugsourcecentos-upgrade-rubygem-unicode-display_widthcentos-upgrade-satellite-clicentos-upgrade-satellite-clonecentos-upgrade-satellite-maintaincentos-upgrade-tfm-rubygem-amazing_printcentos-upgrade-tfm-rubygem-apipie-bindingscentos-upgrade-tfm-rubygem-clampcentos-upgrade-tfm-rubygem-domain_namecentos-upgrade-tfm-rubygem-fast_gettextcentos-upgrade-tfm-rubygem-hammer_clicentos-upgrade-tfm-rubygem-hammer_cli_foremancentos-upgrade-tfm-rubygem-hammer_cli_foreman_admincentos-upgrade-tfm-rubygem-hammer_cli_foreman_ansiblecentos-upgrade-tfm-rubygem-hammer_cli_foreman_azure_rmcentos-upgrade-tfm-rubygem-hammer_cli_foreman_bootdiskcentos-upgrade-tfm-rubygem-hammer_cli_foreman_discoverycentos-upgrade-tfm-rubygem-hammer_cli_foreman_openscapcentos-upgrade-tfm-rubygem-hammer_cli_foreman_remote_executioncentos-upgrade-tfm-rubygem-hammer_cli_foreman_taskscentos-upgrade-tfm-rubygem-hammer_cli_foreman_templatescentos-upgrade-tfm-rubygem-hammer_cli_foreman_virt_who_configurecentos-upgrade-tfm-rubygem-hammer_cli_foreman_webhookscentos-upgrade-tfm-rubygem-hammer_cli_katellocentos-upgrade-tfm-rubygem-hashiecentos-upgrade-tfm-rubygem-highlinecentos-upgrade-tfm-rubygem-http-cookiecentos-upgrade-tfm-rubygem-jwtcentos-upgrade-tfm-rubygem-little-pluggercentos-upgrade-tfm-rubygem-localecentos-upgrade-tfm-rubygem-loggingcentos-upgrade-tfm-rubygem-mime-typescentos-upgrade-tfm-rubygem-mime-types-datacentos-upgrade-tfm-rubygem-multi_jsoncentos-upgrade-tfm-rubygem-netrccentos-upgrade-tfm-rubygem-oauthcentos-upgrade-tfm-rubygem-powerbarcentos-upgrade-tfm-rubygem-rest-clientcentos-upgrade-tfm-rubygem-unfcentos-upgrade-tfm-rubygem-unf_extcentos-upgrade-tfm-rubygem-unf_ext-debuginfocentos-upgrade-tfm-rubygem-unicodecentos-upgrade-tfm-rubygem-unicode-debuginfocentos-upgrade-tfm-rubygem-unicode-display_widthcentos-upgrade-tfm-runtime

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today