
CVE-2023-4886: Exposure of Sensitive Information to an Unauthorized Actor in Red Hat Satellite 6.13 for RHEL 8

Severity: Medium
Published: Tue Oct 03 2023 (10/03/2023, 14:24:56 UTC)
Source: CVE Database V5
Vendor/Project: Red Hat
Product: Red Hat Satellite 6.13 for RHEL 8

Description

A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.

AI-Powered Analysis

Last updated: 10/10/2025, 00:10:20 UTC

Technical Analysis

CVE-2023-4886 is a security vulnerability identified in Red Hat Satellite 6.13 running on Red Hat Enterprise Linux 8. The issue stems from the tomcat server.xml configuration file being world-readable, which inadvertently exposes passwords used for candlepin's keystore and truststore. Candlepin is a critical component responsible for subscription management and entitlement services within Red Hat Satellite, and its keystore and truststore contain sensitive cryptographic credentials essential for secure communications and authentication. Because the server.xml file is accessible by any user on the system, an unauthorized local actor with some level of elevated privileges (PR:H) can read these passwords without requiring user interaction. This exposure can lead to compromise of the keystore and truststore, enabling attackers to impersonate services, decrypt sensitive data, or manipulate subscription management processes. The vulnerability has a CVSS v3.1 score of 6.7, classified as medium severity, reflecting the requirement for local privileged access but the high impact on confidentiality, integrity, and availability if exploited. No public exploits have been reported yet, but the risk remains significant due to the sensitive nature of the exposed credentials. The root cause is improper file permission settings on the tomcat server.xml file, which should be restricted to only necessary system users. This vulnerability highlights the importance of secure configuration management and least privilege principles in critical infrastructure components like Red Hat Satellite.

Potential Impact

For European organizations, especially those relying on Red Hat Satellite for managing their Linux infrastructure and subscriptions, this vulnerability poses a significant risk. Exposure of candlepin keystore and truststore passwords can lead to unauthorized access to subscription management services, potentially allowing attackers to manipulate license entitlements or disrupt service availability. Furthermore, compromise of these credentials could facilitate lateral movement within the network, privilege escalation, or interception of sensitive communications. Organizations in sectors with strict compliance requirements, such as finance, healthcare, and government, may face regulatory consequences if sensitive data is compromised. The requirement for local privileged access somewhat limits the attack surface; however, insider threats or attackers who have already gained partial access could exploit this vulnerability to deepen their foothold. The medium severity rating suggests that while immediate remote exploitation is unlikely, the potential damage to confidentiality, integrity, and availability is substantial if exploited. This could result in operational disruptions, loss of trust, and increased remediation costs.

Mitigation Recommendations

To mitigate CVE-2023-4886, organizations should immediately audit the file permissions of the tomcat server.xml file on all Red Hat Satellite 6.13 installations running on RHEL 8. The file permissions must be restricted to only the tomcat service user and system administrators, removing world-readable access. Implement strict access control policies and regularly review user privileges to ensure that only trusted personnel have elevated access. Monitor system logs for unusual access patterns to the server.xml file or candlepin services. Apply any patches or updates released by Red Hat addressing this vulnerability as soon as they become available. Additionally, consider isolating Red Hat Satellite servers in segmented network zones with limited access to reduce the risk of unauthorized local access. Employ host-based intrusion detection systems (HIDS) to detect unauthorized file access attempts. Finally, conduct security awareness training for administrators to emphasize the importance of secure file permissions and configuration management.
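The first mitigation step above is a permissions audit of server.xml. The following POSIX shell helper is an added example, not part of the advisory or of Red Hat's tooling: it reports whether a given file is world-readable and prints the corrective command. The default path /etc/tomcat/server.xml and the tomcat service account name are assumptions; adjust them to the actual install.

```shell
#!/bin/sh
# Added audit helper for CVE-2023-4886 (not from the advisory).
# Assumed default location of tomcat's server.xml on a Satellite host.
DEFAULT_SERVER_XML="/etc/tomcat/server.xml"

# Returns 0 if the "other" read bit is set on the file, 1 otherwise.
# Uses `ls -ld` so it works on any POSIX system: column 8 of the mode
# string (e.g. "-rw-r--r--") is the world-read bit.
is_world_readable() {
    f="$1"
    [ -e "$f" ] || return 1
    [ "$(ls -ld "$f" | cut -c8)" = "r" ]
}

# Audits one file. Exit status: 0 = OK, 1 = world-readable, 2 = missing.
audit_server_xml() {
    f="${1:-$DEFAULT_SERVER_XML}"
    if [ ! -e "$f" ]; then
        echo "MISSING: $f (no such file; check the assumed path)"
        return 2
    fi
    mode=$(ls -ld "$f" | cut -c1-10)
    if is_world_readable "$f"; then
        echo "WORLD-READABLE: $f ($mode)"
        # Drop world read; owner/group (tomcat service account, an assumption)
        # keep access so the service still starts.
        echo "  fix: chmod o-r '$f' && chown tomcat:tomcat '$f'"
        return 1
    fi
    echo "OK: $f ($mode)"
    return 0
}

# Stand-alone use: audit the default path, or a path given as argument.
[ "${0##*/}" = "audit_server_xml.sh" ] && audit_server_xml "$@"
```

Run it as the same user on every Satellite 6.13 host and alert on any non-zero exit; the same check works for any other file the keystore or truststore passwords may be copied into.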


Technical Details

Data Version: 5.1
Assigner Short Name: redhat
Date Reserved: 2023-09-11T09:51:13.928Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68e84aedba0e608b4fb043a0

Added to database: 10/9/2025, 11:53:17 PM

Last enriched: 10/10/2025, 12:10:20 AM

Last updated: 10/16/2025, 12:42:29 PM