exploitDog

CVE-2012-0059

Опубликовано: 05 фев. 2014

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords in an error message when a system registration XML-RPC call fails, which allows remote administrators to obtain the password by reading (1) the server log and (2) an email.

Ссылки

http://rhn.redhat.com/errata/RHSA-2012-0101.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2012-0102.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2012-0101.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2012-0102.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:network_proxy:5.4:*:*:*:*:*:*:*

cpe:2.3:a:redhat:satellite:5.4:*:*:*:*:*:*:*

EPSS

Процентиль: 45%

0.00229

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-310

Связанные уязвимости

CVE-2012-0059

redhat

около 14 лет назад

Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords in an error message when a system registration XML-RPC call fails, which allows remote administrators to obtain the password by reading (1) the server log and (2) an email.

GHSA-gqj9-6pwj-7952

github

почти 4 года назад

Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords in an error message when a system registration XML-RPC call fails, which allows remote administrators to obtain the password by reading (1) the server log and (2) an email.

EPSS

Процентиль: 45%

0.00229

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-310