2.1

CVE-2008-2368

Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these files, which allows local users to discover passwords by reading the files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RedhatCertificate System Version7.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.151
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/33540
Vendor Advisory
http://securitytracker.com/id?1021608
http://www.securityfocus.com/bid/33288
http://www.vupen.com/english/advisories/2009/0145
https://rhn.redhat.com/errata/RHSA-2009-0006.html
Vendor Advisory
https://rhn.redhat.com/errata/RHSA-2009-0007.html
https://bugzilla.redhat.com/show_bug.cgi?id=452000
https://exchange.xforce.ibmcloud.com/vulnerabilities/48022