2.1

CVE-2008-2368

EPSS 0.03%
Veröffentlicht 20.01.2009 16:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these files, which allows local users to discover passwords by reading the files.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Redhat ≫ Certificate System Version7.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.062

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

http://secunia.com/advisories/33540

Vendor Advisory

http://securitytracker.com/id?1021608

http://www.securityfocus.com/bid/33288

http://www.vupen.com/english/advisories/2009/0145

https://rhn.redhat.com/errata/RHSA-2009-0006.html

Vendor Advisory

https://rhn.redhat.com/errata/RHSA-2009-0007.html

https://bugzilla.redhat.com/show_bug.cgi?id=452000

https://exchange.xforce.ibmcloud.com/vulnerabilities/48022

https://nvd.nist.gov/vuln/detail/CVE-2008-2368

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-2368

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-2368

EUVD