Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2021:2235

Опубликовано: 03 июн. 2021
Источник: rocky
Оценка: Important

Описание

Important: pki-core:10.6 security update

The Public Key Infrastructure (PKI) Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System.

Security Fix(es):

  • pki-server: Dogtag installer "pkispawn" logs admin credentials into a world-readable log file (CVE-2021-3551)

The PKI installer "pkispawn" logs admin credentials into a world-readable log file. It also looks like the installer is passing the password as an insecure command line argument. The credentials are the 389-DS LDAP server's Directory Manager credentials. The Directory Manager is 389-DS' equivalent of unrestricted root account. The user bypasses permission checks and grants full access to data. In an IdM / FreeIPA installation the DM user is able to read and manipulate Kerberos KDC master password, Kerberos keytabs, hashed user passwords, and more. Any and all IdM and FreeIPA installations with PKI 10.10 should be considered compromised.

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
ldapjdk-javadocnoarch1.module+el8.4.0+418+b7ae1d4aldapjdk-javadoc-4.22.0-1.module+el8.4.0+418+b7ae1d4a.noarch.rpm
ldapjdknoarch1.module+el8.4.0+418+b7ae1d4aldapjdk-4.22.0-1.module+el8.4.0+418+b7ae1d4a.noarch.rpm
pki-canoarch3.module+el8.4.0+554+92b527a1pki-ca-10.10.5-3.module+el8.4.0+554+92b527a1.noarch.rpm
pki-symkeyx86_643.module+el8.4.0+554+92b527a1pki-symkey-10.10.5-3.module+el8.4.0+554+92b527a1.x86_64.rpm
pki-kranoarch3.module+el8.4.0+554+92b527a1pki-kra-10.10.5-3.module+el8.4.0+554+92b527a1.noarch.rpm
pki-toolsx86_643.module+el8.4.0+554+92b527a1pki-tools-10.10.5-3.module+el8.4.0+554+92b527a1.x86_64.rpm
tomcatjssnoarch1.module+el8.4.0+418+b7ae1d4atomcatjss-7.6.1-1.module+el8.4.0+418+b7ae1d4a.noarch.rpm
pki-base-javanoarch3.module+el8.4.0+554+92b527a1pki-base-java-10.10.5-3.module+el8.4.0+554+92b527a1.noarch.rpm
python3-pkinoarch3.module+el8.4.0+554+92b527a1python3-pki-10.10.5-3.module+el8.4.0+554+92b527a1.noarch.rpm
pki-acmenoarch3.module+el8.4.0+554+92b527a1pki-acme-10.10.5-3.module+el8.4.0+554+92b527a1.noarch.rpm

Показывать по

Связанные CVE

CVE-2021-3551

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2021-3551

CVSS3: 7.8
ubuntu
почти 4 года назад

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.

redhat логотип

CVE-2021-3551

CVSS3: 7.8
redhat
больше 4 лет назад

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.

nvd логотип

CVE-2021-3551

CVSS3: 7.8
nvd
почти 4 года назад

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.

debian логотип

CVE-2021-3551

CVSS3: 7.8
debian
почти 4 года назад

A flaw was found in the PKI-server, where the spkispawn command, when ...

github логотип

GHSA-9ggg-37fj-xc96

github
почти 4 года назад

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.