CVE-2022-43753: 
Linux Oracle vulnerability analysis and mitigation

A Path Traversal vulnerability (CVE-2022-43753) was discovered in spacewalk/Uyuni affecting SUSE Linux Enterprise Module for SUSE Manager Server versions 4.2 and 4.3, and SUSE Manager Server 4.2. The vulnerability was disclosed on November 10, 2022. The issue allows remote attackers to read files available to the user running the process, typically tomcat (SUSE NVD).

The vulnerability exists in the ScapResultDownload servlet where attackers can evade from the location where the report is created and access arbitrary files. The issue occurs due to improper validation of the getAbsolutePath() method in the ScapResultFile class, which fails to properly filter directory traversal characters. The vulnerability has a CVSS v3.1 Base Score of 4.3 MEDIUM (Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) (SUSE Bugzilla).

The vulnerability allows attackers to access files that are viewable by the tomcat user, files accessible to groups www, susemanager and tomcat, and files viewable by anyone. Since tomcat runs as a non-privileged user process, the impact is limited to file system confidentiality for files accessible to these permissions (SUSE Bugzilla).

The vulnerability has been fixed in SUSE Manager versions 4.3.2, 4.2.10 and Uyuni-2022.10. The fix involves modifying the getAbsolutePath() method in the ScapResultFile class to properly discard characters that could be used to evade from the report output directory (SUSE Bugzilla).