SUSE has released a critical update for python-requests (CVE-2024-47081) fixing a high-severity .netrc credential leak. Learn patch instructions, CVSS 8.2 details, and affected products for SUSE Linux Micro 6.0. Stay secure with expert-recommended fixes.
SUSE Addresses .netrc Credential Leak with Urgent Patch
Vulnerability Overview
A high-risk security flaw (CVE-2024-47081) in python-requests exposes sensitive .netrc credentials due to improper URL processing. This vulnerability, scored CVSS 8.2 by SUSE, allows attackers to harvest credentials remotely without user interaction.
Key Risks
Credential Leak: Exploitable via crafted URLs, compromising authentication data.
Widespread Impact: Affects SUSE Linux Micro 6.0 systems using python311-requests 2.32.3.
NVD Ratings: Conflicting scores (5.3–5.9 CVSSv3) highlight context-dependent severity.
Patch Instructions
Recommended Methods
YaST Online Update: Use SUSE’s built-in tool for automated patching.
Zypper Patch: For CLI users, run:
zypper in -t patch SUSE-SLE-Micro-6.0-371=1
Affected Package
SUSE Linux Micro 6.0 (noarch):
python311-requests-2.32.3-2.1
Technical Deep Dive
CVSS 4.0 Breakdown
| Metric | Score | Explanation |
|---|---|---|
| Attack Vector | Network (AV:N) | Exploitable remotely. |
| Confidentiality | High (VC:H) | Credentials exposed. |
| Privileges Required | None (PR:N) | No authentication needed. |
Why This Matters: The discrepancy between SUSE (8.2) and NVD (5.3) scores underscores the need for vendor-specific assessments.
Proactive Security Measures
Immediate Action: Patch systems within 24 hours (per CISA guidelines).
Monitor .netrc Files: Audit for unauthorized access.
Defense-in-Depth: Combine with network segmentation.
FAQ
Q: Is this vulnerability exploitable in cloud environments?
A: Yes, if using unpatched SUSE Micro 6.0 instances.
Q: Are there workarounds if patching isn’t immediate?
A: Disable .netrc usage or restrict outbound URLs via firewall rules.
Nenhum comentário:
Postar um comentário