Nucleus: [High] - 440041

[mcsaez2]

Source: QUALYS
Description: CentOS has released security update for kernel to fix the vulnerabilities. Affected Products: centos 6 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5398

Impact: This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerability to change all the contents or configuration on the system. Additionally this vulnerability can also be used to cause a complete denial of service and could render the resource completely unavailable.

Target:
Asset name: 192.168.56.103 - IP: 192.168.56.103
Asset name: 192.168.56.131 - IP: 192.168.56.131

Solution: To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 6 (https://lists.centos.org/pipermail/centos-announce/2018-May/022827.html) for updates and patch information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
CESA-2018:1319: centos 6 (https://lists.centos.org/pipermail/centos-announce/2018-May/022827.html)

References:
QID: 440041
CVE: CVE-2017-5754, CVE-2018-8897, CVE-2017-7645, CVE-2017-8824, CVE-2017-13166, CVE-2017-18017, CVE-2017-1000410
Category: CentOS
PCI Flagged: yes
Vendor References: CESA-2018:1319 centos 6
Bugtraq IDs: 102101, 102378, 97950, 102056, 104071, 102367, 99843, 106128

Severity: High
Exploitable: Yes
Date Discovered: 2021-12-12 10:43:00

Please see https://192.168.56.101/nucleus/public/app/index.php#vuln/130000004/NDQwMDQx/UVVBTFlT/VnVsbi1Db21wbGlhbmNl/false/MTMwMDAwMDA0/c3VtbWFyeQ--/false/MjAyMS0xMi0xMiAxMDo0MzowMA-- for more information on these vulnerabilities
Issue was manually created by Nucleus user: Nucleus User

[mcsaez2]

By Nucleus Bot

Ticket was updated via a ticketing rule from Nucleus as new data was ingested.

2 assets were found to still have this vulnerability.
Active Assets:
Asset name: 192.168.56.103
Asset name: 192.168.56.131