Vulnerability-Lookup

CVE-2009-4139 (GCVE-0-2009-4139)

Vulnerability from cvelistv5 – Published: 2011-07-27 01:29 – Updated: 2026-04-28 20:20

Title

Spacewalk-java: spacewalk: red hat network satellite: spacewalk java: privilege escalation via cross-site request forgery

Summary

A flaw was found in Spacewalk Java site packages. This cross-site request forgery (CSRF) vulnerability allows a remote attacker to hijack the authentication of arbitrary users. This can lead to unauthorized actions, including disabling user accounts, adding new user accounts, or escalating privileges by modifying existing user accounts to have administrator access.

Severity ?

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE

CWE-346 - Origin Validation Error

Assigner

redhat

References

URL

Tags

	http://securitytracker.com/id?1025674
	http://www.redhat.com/support/errata/RHSA-2011-08…
	https://access.redhat.com/security/cve/CVE-2009-4139	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=529483
	https://exchange.xforce.ibmcloud.com/vulnerabilit…

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Enterprise Linux 6

cpe:/o:redhat:enterprise_linux:6

Red Hat

Red Hat Enterprise Linux 7

cpe:/o:redhat:enterprise_linux:7

Date Public ?

2011-07-27 01:29

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:54:09.835Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1025674",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025674"
          },
          {
            "name": "nss-spacewalk-csrf(68074)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68074"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=529483"
          },
          {
            "name": "RHSA-2011:0879",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0879.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhnsd",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhnsd",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2011-07-27T01:29:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Spacewalk Java site packages. This cross-site request forgery (CSRF) vulnerability allows a remote attacker to hijack the authentication of arbitrary users. This can lead to unauthorized actions, including disabling user accounts, adding new user accounts, or escalating privileges by modifying existing user accounts to have administrator access."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-346",
              "description": "Origin Validation Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-28T20:20:17.282Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "http://securitytracker.com/id?1025674"
        },
        {
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0879.html"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2009-4139"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=529483"
        },
        {
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68074"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-04-02T14:51:35.507Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2011-07-27T01:29:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Spacewalk-java: spacewalk: red hat network satellite: spacewalk java: privilege escalation via cross-site request forgery",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-346: Origin Validation Error"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-4139",
    "datePublished": "2011-07-27T01:29:00.000Z",
    "dateReserved": "2009-12-01T00:00:00.000Z",
    "dateUpdated": "2026-04-28T20:20:17.282Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2009-4139",
      "date": "2026-05-04",
      "epss": "0.00104",
      "percentile": "0.27925"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:network_satellite_server:5.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"771FCD58-59DF-468C-9AB4-229DA07A0CA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:network_satellite_server:5.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D64C46C1-A5EB-4476-8DBA-F3C7D0FB5905\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:network_satellite_server:5.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2DF5F81-B099-4878-9739-D5B3B0E89030\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:spacewalk-java:1.2.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8CF0A4D-0501-4DEC-AADD-4A157E5960D8\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java site packages (aka spacewalk-java) 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that (1) disable the current user account, (2) add user accounts, or (3) modify user accounts to have administrator privileges.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de falsificaci\\u00f3n de petici\\u00f3n en sitios cruzados (CSRF) en los paquetes Spacewalk Java (spacewalk-java) 1.2.39 de Spacewalk, tal como se utiliza en el servidor de Red Hat Network Satellite 5.3.0 hasta la versi\\u00f3n 5.4.1 y otros productos, permite a atacantes remotos secuestrar la autenticaci\\u00f3n de usuarios arbitrarios para peticiones que (1) deshabilitan la cuenta del usuario actual, (2) a\\u00f1aden cuentas de usuarios, o (3) modifican cuentas de usuarios para tener privilegios administrativos.\"}]",
      "id": "CVE-2009-4139",
      "lastModified": "2024-11-21T01:09:00.900",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2011-07-27T02:55:01.243",
      "references": "[{\"url\": \"http://securitytracker.com/id?1025674\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-0879.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=529483\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/68074\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://securitytracker.com/id?1025674\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-0879.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=529483\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/68074\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-352\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-4139\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2011-07-27T02:55:01.243\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in Spacewalk Java site packages. This cross-site request forgery (CSRF) vulnerability allows a remote attacker to hijack the authentication of arbitrary users. This can lead to unauthorized actions, including disabling user accounts, adding new user accounts, or escalating privileges by modifying existing user accounts to have administrator access.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en los paquetes Spacewalk Java (spacewalk-java) 1.2.39 de Spacewalk, tal como se utiliza en el servidor de Red Hat Network Satellite 5.3.0 hasta la versi\u00f3n 5.4.1 y otros productos, permite a atacantes remotos secuestrar la autenticaci\u00f3n de usuarios arbitrarios para peticiones que (1) deshabilitan la cuenta del usuario actual, (2) a\u00f1aden cuentas de usuarios, o (3) modifican cuentas de usuarios para tener privilegios administrativos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-346\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:network_satellite_server:5.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"771FCD58-59DF-468C-9AB4-229DA07A0CA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:network_satellite_server:5.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D64C46C1-A5EB-4476-8DBA-F3C7D0FB5905\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:network_satellite_server:5.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2DF5F81-B099-4878-9739-D5B3B0E89030\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:spacewalk-java:1.2.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8CF0A4D-0501-4DEC-AADD-4A157E5960D8\"}]}]}],\"references\":[{\"url\":\"http://securitytracker.com/id?1025674\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0879.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/CVE-2009-4139\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=529483\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/68074\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securitytracker.com/id?1025674\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0879.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=529483\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/68074\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

RHSA-2011:0879

Vulnerability from csaf_redhat - Published: 2011-06-16 18:57 - Updated: 2026-01-13 20:59

Summary

Red Hat Security Advisory: Red Hat Network Satellite server spacewalk-java security update

Severity

Moderate

Notes

Topic: Updated spacewalk-java packages that fix one security issue are now available for Red Hat Network Satellite 5.4.1 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

Details: Red Hat Network (RHN) Satellite provides a solution to organizations requiring absolute control over and privacy of the maintenance and package deployment of their servers. It allows organizations to utilize the benefits of the Red Hat Network without having to provide public Internet access to their servers or other client systems. It was found that RHN Satellite did not protect against Cross-Site Request Forgery (CSRF) attacks. If an authenticated RHN Satellite user visited a specially-crafted web page, it could lead to unauthorized command execution with the privileges of that user, for example, creating a new user account, granting administrator privileges to user accounts, disabling the account of the current user, and so on. (CVE-2009-4139) Red Hat would like to thank Christian Johansson of Bitsec AB and Thomas Biege of the SUSE Security Team for independently reporting this issue. Users of Red Hat Network Satellite 5.4.1 are advised to upgrade to these updated spacewalk-java packages, which resolve this issue. For this update to take effect, Red Hat Network Satellite must be restarted. Refer to the Solution section for details.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2009-4139

Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java site packages (aka spacewalk-java) 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that (1) disable the current user account, (2) add user accounts, or (3) modify user accounts to have administrator privileges.

4.3 ()


                        
                          AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-352 - Cross-Site Request Forgery (CSRF)

Vendor Fix Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 Run the following command to restart the Red Hat Network Satellite server: # rhn-satellite restart https://access.redhat.com/errata/RHSA-2011:0879

References

URL

Category

	https://access.redhat.com/errata/RHSA-2011:0879	self
	https://access.redhat.com/security/updates/classi…	external
	https://bugzilla.redhat.com/show_bug.cgi?id=529483	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2009-4139	self
	https://bugzilla.redhat.com/show_bug.cgi?id=529483	external
	https://www.cve.org/CVERecord?id=CVE-2009-4139	external
	https://nvd.nist.gov/vuln/detail/CVE-2009-4139	external

Acknowledgments

Bitsec AB Christian Johansson

SUSE Security Team Thomas Biege

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated spacewalk-java packages that fix one security issue are now\navailable for Red Hat Network Satellite 5.4.1 for Red Hat\nEnterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Network (RHN) Satellite provides a solution to organizations\nrequiring absolute control over and privacy of the maintenance and package\ndeployment of their servers. It allows organizations to utilize the\nbenefits of the Red Hat Network without having to provide public Internet\naccess to their servers or other client systems.\n\nIt was found that RHN Satellite did not protect against Cross-Site Request\nForgery (CSRF) attacks. If an authenticated RHN Satellite user visited a\nspecially-crafted web page, it could lead to unauthorized command execution\nwith the privileges of that user, for example, creating a new user account,\ngranting administrator privileges to user accounts, disabling the account\nof the current user, and so on. (CVE-2009-4139)\n\nRed Hat would like to thank Christian Johansson of Bitsec AB and Thomas\nBiege of the SUSE Security Team for independently reporting this issue.\n\nUsers of Red Hat Network Satellite 5.4.1 are advised to upgrade to these\nupdated spacewalk-java packages, which resolve this issue. For this update\nto take effect, Red Hat Network Satellite must be restarted. Refer to the\nSolution section for details.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2011:0879",
        "url": "https://access.redhat.com/errata/RHSA-2011:0879"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "529483",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=529483"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_0879.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Network Satellite server spacewalk-java security update",
    "tracking": {
      "current_release_date": "2026-01-13T20:59:29+00:00",
      "generator": {
        "date": "2026-01-13T20:59:29+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.15"
        }
      },
      "id": "RHSA-2011:0879",
      "initial_release_date": "2011-06-16T18:57:00+00:00",
      "revision_history": [
        {
          "date": "2011-06-16T18:57:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2011-06-16T15:01:11+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-01-13T20:59:29+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Satellite 5.4 (RHEL v.5)",
                "product": {
                  "name": "Red Hat Satellite 5.4 (RHEL v.5)",
                  "product_id": "5Server-Satellite54",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:network_satellite:5.4::el5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Satellite"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
                "product": {
                  "name": "spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
                  "product_id": "spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/spacewalk-java-oracle@1.2.39-85.el5sat?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-0:1.2.39-85.el5sat.noarch",
                "product": {
                  "name": "spacewalk-java-0:1.2.39-85.el5sat.noarch",
                  "product_id": "spacewalk-java-0:1.2.39-85.el5sat.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/spacewalk-java@1.2.39-85.el5sat?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
                "product": {
                  "name": "spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
                  "product_id": "spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/spacewalk-java-config@1.2.39-85.el5sat?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch",
                "product": {
                  "name": "spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch",
                  "product_id": "spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/spacewalk-taskomatic@1.2.39-85.el5sat?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
                "product": {
                  "name": "spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
                  "product_id": "spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/spacewalk-java-lib@1.2.39-85.el5sat?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spacewalk-java-0:1.2.39-85.el5sat.src",
                "product": {
                  "name": "spacewalk-java-0:1.2.39-85.el5sat.src",
                  "product_id": "spacewalk-java-0:1.2.39-85.el5sat.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/spacewalk-java@1.2.39-85.el5sat?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-0:1.2.39-85.el5sat.noarch as a component of Red Hat Satellite 5.4 (RHEL v.5)",
          "product_id": "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.noarch"
        },
        "product_reference": "spacewalk-java-0:1.2.39-85.el5sat.noarch",
        "relates_to_product_reference": "5Server-Satellite54"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-0:1.2.39-85.el5sat.src as a component of Red Hat Satellite 5.4 (RHEL v.5)",
          "product_id": "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.src"
        },
        "product_reference": "spacewalk-java-0:1.2.39-85.el5sat.src",
        "relates_to_product_reference": "5Server-Satellite54"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-config-0:1.2.39-85.el5sat.noarch as a component of Red Hat Satellite 5.4 (RHEL v.5)",
          "product_id": "5Server-Satellite54:spacewalk-java-config-0:1.2.39-85.el5sat.noarch"
        },
        "product_reference": "spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
        "relates_to_product_reference": "5Server-Satellite54"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-lib-0:1.2.39-85.el5sat.noarch as a component of Red Hat Satellite 5.4 (RHEL v.5)",
          "product_id": "5Server-Satellite54:spacewalk-java-lib-0:1.2.39-85.el5sat.noarch"
        },
        "product_reference": "spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
        "relates_to_product_reference": "5Server-Satellite54"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch as a component of Red Hat Satellite 5.4 (RHEL v.5)",
          "product_id": "5Server-Satellite54:spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch"
        },
        "product_reference": "spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
        "relates_to_product_reference": "5Server-Satellite54"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch as a component of Red Hat Satellite 5.4 (RHEL v.5)",
          "product_id": "5Server-Satellite54:spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch"
        },
        "product_reference": "spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch",
        "relates_to_product_reference": "5Server-Satellite54"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Christian Johansson"
          ],
          "organization": "Bitsec AB"
        },
        {
          "names": [
            "Thomas Biege"
          ],
          "organization": "SUSE Security Team"
        }
      ],
      "cve": "CVE-2009-4139",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "discovery_date": "2009-10-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "529483"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java site packages (aka spacewalk-java) 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that (1) disable the current user account, (2) add user accounts, or (3) modify user accounts to have administrator privileges.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Spacewalk: CSRF in all web portal forms",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Vulnerable. This issue has been addressed in Red Hat Network Satellite Server v 5.4.1 via RHSA-2011:0879 https://rhn.redhat.com/errata/RHSA-2011-0879.html. This issue is not planned to be fixed in Red Hat Network Satellite Server version 5.3.0.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.noarch",
          "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.src",
          "5Server-Satellite54:spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
          "5Server-Satellite54:spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
          "5Server-Satellite54:spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
          "5Server-Satellite54:spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-4139"
        },
        {
          "category": "external",
          "summary": "RHBZ#529483",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=529483"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-4139",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-4139"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-4139",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4139"
        }
      ],
      "release_date": "2011-06-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2011-06-16T18:57:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nRun the following command to restart the Red Hat Network Satellite\nserver:\n\n# rhn-satellite restart",
          "product_ids": [
            "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.src",
            "5Server-Satellite54:spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2011:0879"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.src",
            "5Server-Satellite54:spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Spacewalk: CSRF in all web portal forms"
    }
  ]
}

RHSA-2011_0879

Vulnerability from csaf_redhat - Published: 2011-06-16 18:57 - Updated: 2024-11-22 04:18

Summary

Red Hat Security Advisory: Red Hat Network Satellite server spacewalk-java security update

Severity

Moderate

Notes

CVE-2009-4139

4.3 ()


                        
                          AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-352 - Cross-Site Request Forgery (CSRF)

References

URL

Category

	https://access.redhat.com/errata/RHSA-2011:0879	self
	https://access.redhat.com/security/updates/classi…	external
	https://bugzilla.redhat.com/show_bug.cgi?id=529483	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2009-4139	self
	https://bugzilla.redhat.com/show_bug.cgi?id=529483	external
	https://www.cve.org/CVERecord?id=CVE-2009-4139	external
	https://nvd.nist.gov/vuln/detail/CVE-2009-4139	external

Acknowledgments

Bitsec AB Christian Johansson

SUSE Security Team Thomas Biege

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated spacewalk-java packages that fix one security issue are now\navailable for Red Hat Network Satellite 5.4.1 for Red Hat\nEnterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Network (RHN) Satellite provides a solution to organizations\nrequiring absolute control over and privacy of the maintenance and package\ndeployment of their servers. It allows organizations to utilize the\nbenefits of the Red Hat Network without having to provide public Internet\naccess to their servers or other client systems.\n\nIt was found that RHN Satellite did not protect against Cross-Site Request\nForgery (CSRF) attacks. If an authenticated RHN Satellite user visited a\nspecially-crafted web page, it could lead to unauthorized command execution\nwith the privileges of that user, for example, creating a new user account,\ngranting administrator privileges to user accounts, disabling the account\nof the current user, and so on. (CVE-2009-4139)\n\nRed Hat would like to thank Christian Johansson of Bitsec AB and Thomas\nBiege of the SUSE Security Team for independently reporting this issue.\n\nUsers of Red Hat Network Satellite 5.4.1 are advised to upgrade to these\nupdated spacewalk-java packages, which resolve this issue. For this update\nto take effect, Red Hat Network Satellite must be restarted. Refer to the\nSolution section for details.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2011:0879",
        "url": "https://access.redhat.com/errata/RHSA-2011:0879"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "529483",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=529483"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_0879.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Network Satellite server spacewalk-java security update",
    "tracking": {
      "current_release_date": "2024-11-22T04:18:51+00:00",
      "generator": {
        "date": "2024-11-22T04:18:51+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2011:0879",
      "initial_release_date": "2011-06-16T18:57:00+00:00",
      "revision_history": [
        {
          "date": "2011-06-16T18:57:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2011-06-16T15:01:11+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T04:18:51+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Satellite 5.4 (RHEL v.5)",
                "product": {
                  "name": "Red Hat Satellite 5.4 (RHEL v.5)",
                  "product_id": "5Server-Satellite54",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:network_satellite:5.4::el5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Satellite"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
                "product": {
                  "name": "spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
                  "product_id": "spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/spacewalk-java-oracle@1.2.39-85.el5sat?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-0:1.2.39-85.el5sat.noarch",
                "product": {
                  "name": "spacewalk-java-0:1.2.39-85.el5sat.noarch",
                  "product_id": "spacewalk-java-0:1.2.39-85.el5sat.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/spacewalk-java@1.2.39-85.el5sat?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
                "product": {
                  "name": "spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
                  "product_id": "spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/spacewalk-java-config@1.2.39-85.el5sat?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch",
                "product": {
                  "name": "spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch",
                  "product_id": "spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/spacewalk-taskomatic@1.2.39-85.el5sat?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
                "product": {
                  "name": "spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
                  "product_id": "spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/spacewalk-java-lib@1.2.39-85.el5sat?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spacewalk-java-0:1.2.39-85.el5sat.src",
                "product": {
                  "name": "spacewalk-java-0:1.2.39-85.el5sat.src",
                  "product_id": "spacewalk-java-0:1.2.39-85.el5sat.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/spacewalk-java@1.2.39-85.el5sat?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-0:1.2.39-85.el5sat.noarch as a component of Red Hat Satellite 5.4 (RHEL v.5)",
          "product_id": "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.noarch"
        },
        "product_reference": "spacewalk-java-0:1.2.39-85.el5sat.noarch",
        "relates_to_product_reference": "5Server-Satellite54"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-0:1.2.39-85.el5sat.src as a component of Red Hat Satellite 5.4 (RHEL v.5)",
          "product_id": "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.src"
        },
        "product_reference": "spacewalk-java-0:1.2.39-85.el5sat.src",
        "relates_to_product_reference": "5Server-Satellite54"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-config-0:1.2.39-85.el5sat.noarch as a component of Red Hat Satellite 5.4 (RHEL v.5)",
          "product_id": "5Server-Satellite54:spacewalk-java-config-0:1.2.39-85.el5sat.noarch"
        },
        "product_reference": "spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
        "relates_to_product_reference": "5Server-Satellite54"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-lib-0:1.2.39-85.el5sat.noarch as a component of Red Hat Satellite 5.4 (RHEL v.5)",
          "product_id": "5Server-Satellite54:spacewalk-java-lib-0:1.2.39-85.el5sat.noarch"
        },
        "product_reference": "spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
        "relates_to_product_reference": "5Server-Satellite54"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch as a component of Red Hat Satellite 5.4 (RHEL v.5)",
          "product_id": "5Server-Satellite54:spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch"
        },
        "product_reference": "spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
        "relates_to_product_reference": "5Server-Satellite54"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch as a component of Red Hat Satellite 5.4 (RHEL v.5)",
          "product_id": "5Server-Satellite54:spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch"
        },
        "product_reference": "spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch",
        "relates_to_product_reference": "5Server-Satellite54"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Christian Johansson"
          ],
          "organization": "Bitsec AB"
        },
        {
          "names": [
            "Thomas Biege"
          ],
          "organization": "SUSE Security Team"
        }
      ],
      "cve": "CVE-2009-4139",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "discovery_date": "2009-10-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "529483"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java site packages (aka spacewalk-java) 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that (1) disable the current user account, (2) add user accounts, or (3) modify user accounts to have administrator privileges.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Spacewalk: CSRF in all web portal forms",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Vulnerable. This issue has been addressed in Red Hat Network Satellite Server v 5.4.1 via RHSA-2011:0879 https://rhn.redhat.com/errata/RHSA-2011-0879.html. This issue is not planned to be fixed in Red Hat Network Satellite Server version 5.3.0.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.noarch",
          "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.src",
          "5Server-Satellite54:spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
          "5Server-Satellite54:spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
          "5Server-Satellite54:spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
          "5Server-Satellite54:spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-4139"
        },
        {
          "category": "external",
          "summary": "RHBZ#529483",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=529483"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-4139",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-4139"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-4139",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4139"
        }
      ],
      "release_date": "2011-06-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2011-06-16T18:57:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nRun the following command to restart the Red Hat Network Satellite\nserver:\n\n# rhn-satellite restart",
          "product_ids": [
            "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.src",
            "5Server-Satellite54:spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2011:0879"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-java-0:1.2.39-85.el5sat.src",
            "5Server-Satellite54:spacewalk-java-config-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-java-lib-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-java-oracle-0:1.2.39-85.el5sat.noarch",
            "5Server-Satellite54:spacewalk-taskomatic-0:1.2.39-85.el5sat.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Spacewalk: CSRF in all web portal forms"
    }
  ]
}

GSD-2009-4139

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-4139

Aliases

CVE-2009-4139

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-4139",
    "description": "Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java site packages (aka spacewalk-java) 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that (1) disable the current user account, (2) add user accounts, or (3) modify user accounts to have administrator privileges.",
    "id": "GSD-2009-4139",
    "references": [
      "https://www.suse.com/security/cve/CVE-2009-4139.html",
      "https://access.redhat.com/errata/RHSA-2011:0879"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-4139"
      ],
      "details": "Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java site packages (aka spacewalk-java) 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that (1) disable the current user account, (2) add user accounts, or (3) modify user accounts to have administrator privileges.",
      "id": "GSD-2009-4139",
      "modified": "2023-12-13T01:19:44.980679Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2009-4139",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java site packages (aka spacewalk-java) 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that (1) disable the current user account, (2) add user accounts, or (3) modify user accounts to have administrator privileges."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1025674",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1025674"
          },
          {
            "name": "nss-spacewalk-csrf(68074)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68074"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=529483",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=529483"
          },
          {
            "name": "RHSA-2011:0879",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0879.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:redhat:network_satellite_server:5.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:network_satellite_server:5.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:network_satellite_server:5.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:spacewalk-java:1.2.39:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2009-4139"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java site packages (aka spacewalk-java) 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that (1) disable the current user account, (2) add user accounts, or (3) modify user accounts to have administrator privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2011:0879",
              "refsource": "REDHAT",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0879.html"
            },
            {
              "name": "1025674",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1025674"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=529483",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=529483"
            },
            {
              "name": "nss-spacewalk-csrf(68074)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68074"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-08-17T01:31Z",
      "publishedDate": "2011-07-27T02:55Z"
    }
  }
}

FKIE_CVE-2009-4139

Vulnerability from fkie_nvd - Published: 2011-07-27 02:55 - Updated: 2026-04-29 01:13

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Summary

References

URL	Tags
secalert@redhat.com	http://securitytracker.com/id?1025674
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2011-0879.html	Patch, Vendor Advisory
secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2009-4139
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=529483
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/68074
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1025674
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2011-0879.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=529483
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/68074

Impacted products

Vendor	Product	Version
redhat	network_satellite_server	5.3.0
redhat	network_satellite_server	5.4.0
redhat	network_satellite_server	5.4.1
redhat	spacewalk-java	1.2.39

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:network_satellite_server:5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "771FCD58-59DF-468C-9AB4-229DA07A0CA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:network_satellite_server:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D64C46C1-A5EB-4476-8DBA-F3C7D0FB5905",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:network_satellite_server:5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2DF5F81-B099-4878-9739-D5B3B0E89030",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:spacewalk-java:1.2.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8CF0A4D-0501-4DEC-AADD-4A157E5960D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in Spacewalk Java site packages. This cross-site request forgery (CSRF) vulnerability allows a remote attacker to hijack the authentication of arbitrary users. This can lead to unauthorized actions, including disabling user accounts, adding new user accounts, or escalating privileges by modifying existing user accounts to have administrator access."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en los paquetes Spacewalk Java (spacewalk-java) 1.2.39 de Spacewalk, tal como se utiliza en el servidor de Red Hat Network Satellite 5.3.0 hasta la versi\u00f3n 5.4.1 y otros productos, permite a atacantes remotos secuestrar la autenticaci\u00f3n de usuarios arbitrarios para peticiones que (1) deshabilitan la cuenta del usuario actual, (2) a\u00f1aden cuentas de usuarios, o (3) modifican cuentas de usuarios para tener privilegios administrativos."
    }
  ],
  "id": "CVE-2009-4139",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.2,
        "source": "secalert@redhat.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2011-07-27T02:55:01.243",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1025674"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0879.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2009-4139"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=529483"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1025674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0879.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=529483"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68074"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-346"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

GHSA-PVXX-XVVP-HC24

Vulnerability from github – Published: 2022-05-02 03:51 – Updated: 2022-05-02 03:51

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-4139"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-07-27T02:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java site packages (aka spacewalk-java) 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that (1) disable the current user account, (2) add user accounts, or (3) modify user accounts to have administrator privileges.",
  "id": "GHSA-pvxx-xvvp-hc24",
  "modified": "2022-05-02T03:51:54Z",
  "published": "2022-05-02T03:51:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4139"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=529483"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68074"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1025674"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0879.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-4139 (GCVE-0-2009-4139)

RHSA-2011:0879

RHSA-2011_0879

GSD-2009-4139

FKIE_CVE-2009-4139

GHSA-PVXX-XVVP-HC24

Tags

Sightings

Nomenclature