2.1
CVE-2008-2368
- EPSS 0.24%
- Veröffentlicht 20.01.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 22:53:38
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these files, which allows local users to discover passwords by reading the files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Certificate System Version7.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.151 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
http://secunia.com/advisories/33540
http://securitytracker.com/id?1021608
http://www.securityfocus.com/bid/33288
http://www.vupen.com/english/advisories/2009/0145
https://rhn.redhat.com/errata/RHSA-2009-0006.html
https://rhn.redhat.com/errata/RHSA-2009-0007.html
https://bugzilla.redhat.com/show_bug.cgi?id=452000
https://exchange.xforce.ibmcloud.com/vulnerabilities/48022