Описание
Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| RHUI for RHEL 6 | pulp | Affected | ||
| CloudForms for RHEL 6 | candlepin | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | gofer | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | grinder | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | katello | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | katello-agent | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | katello-certs-tools | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | katello-cli | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | katello-cli-tests | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | katello-configure | Fixed | RHSA-2012:1543 | 04.12.2012 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=872487pulp /etc/pulp/pulp.conf world readable, contains default admin password
4.9 Medium
CVSS2
Связанные уязвимости
nvd
около 13 лет назад
Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.
github
больше 3 лет назад
Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.
4.9 Medium
CVSS2