2.1

CVE-2008-2368

EPSS 0.03%
Published 20.01.2009 16:30:00
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these files, which allows local users to discover passwords by reading the files.

Affected products Warnungen 0 Metrics 2 CWE 0 References 11

Data is provided by the National Vulnerability Database (NVD)

Redhat ≫ Certificate System Version7.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.062

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

http://secunia.com/advisories/33540

Vendor Advisory

http://securitytracker.com/id?1021608

http://www.securityfocus.com/bid/33288

http://www.vupen.com/english/advisories/2009/0145

https://rhn.redhat.com/errata/RHSA-2009-0006.html

Vendor Advisory

https://rhn.redhat.com/errata/RHSA-2009-0007.html

https://bugzilla.redhat.com/show_bug.cgi?id=452000

https://exchange.xforce.ibmcloud.com/vulnerabilities/48022

https://nvd.nist.gov/vuln/detail/CVE-2008-2368

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-2368

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-2368

EUVD