Описание
LanItems.ycp in save_y2logs in yast2-network before 2.24.4 in SUSE YaST writes cleartext Wi-Fi credentials to the y2log log file, which allows context-dependent attackers to obtain sensitive information by reading the (1) WIRELESS_WPA_PASSWORD or (2) WIRELESS_CLIENT_KEY_PASSWORD field.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.00251
Низкий
7.8 High
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
почти 4 года назад
LanItems.ycp in save_y2logs in yast2-network before 2.24.4 in SUSE YaST writes cleartext Wi-Fi credentials to the y2log log file, which allows context-dependent attackers to obtain sensitive information by reading the (1) WIRELESS_WPA_PASSWORD or (2) WIRELESS_CLIENT_KEY_PASSWORD field.
EPSS
Процентиль: 48%
0.00251
Низкий
7.8 High
CVSS2
Дефекты
CWE-200