1. CVE-Search
  2. CVE-2012-0059
ID CVE-2012-0059
Summary Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords in an error message when a system registration XML-RPC call fails, which allows remote administrators to obtain the password by reading (1) the server log and (2) an email.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:network_proxy:5.4:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_proxy:5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:satellite:5.4:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:satellite:5.4:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 03-02-2022 - 16:26)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:N/A:N
redhat via4
advisories
  • rhsa
    id RHSA-2012:0101
  • rhsa
    id RHSA-2012:0102
rpms
  • spacewalk-backend-0:1.2.13-66.el5sat
  • spacewalk-backend-0:1.2.13-66.el6sat
  • spacewalk-backend-app-0:1.2.13-66.el5sat
  • spacewalk-backend-app-0:1.2.13-66.el6sat
  • spacewalk-backend-applet-0:1.2.13-66.el5sat
  • spacewalk-backend-applet-0:1.2.13-66.el6sat
  • spacewalk-backend-config-files-0:1.2.13-66.el5sat
  • spacewalk-backend-config-files-0:1.2.13-66.el6sat
  • spacewalk-backend-config-files-common-0:1.2.13-66.el5sat
  • spacewalk-backend-config-files-common-0:1.2.13-66.el6sat
  • spacewalk-backend-config-files-tool-0:1.2.13-66.el5sat
  • spacewalk-backend-config-files-tool-0:1.2.13-66.el6sat
  • spacewalk-backend-iss-0:1.2.13-66.el5sat
  • spacewalk-backend-iss-0:1.2.13-66.el6sat
  • spacewalk-backend-iss-export-0:1.2.13-66.el5sat
  • spacewalk-backend-iss-export-0:1.2.13-66.el6sat
  • spacewalk-backend-libs-0:1.2.13-66.el5sat
  • spacewalk-backend-libs-0:1.2.13-66.el6sat
  • spacewalk-backend-package-push-server-0:1.2.13-66.el5sat
  • spacewalk-backend-package-push-server-0:1.2.13-66.el6sat
  • spacewalk-backend-server-0:1.2.13-66.el5sat
  • spacewalk-backend-server-0:1.2.13-66.el6sat
  • spacewalk-backend-sql-0:1.2.13-66.el5sat
  • spacewalk-backend-sql-0:1.2.13-66.el6sat
  • spacewalk-backend-sql-oracle-0:1.2.13-66.el5sat
  • spacewalk-backend-sql-oracle-0:1.2.13-66.el6sat
  • spacewalk-backend-tools-0:1.2.13-66.el5sat
  • spacewalk-backend-tools-0:1.2.13-66.el6sat
  • spacewalk-backend-upload-server-0:1.2.13-66.el5sat
  • spacewalk-backend-upload-server-0:1.2.13-66.el6sat
  • spacewalk-backend-xml-export-libs-0:1.2.13-66.el5sat
  • spacewalk-backend-xml-export-libs-0:1.2.13-66.el6sat
  • spacewalk-backend-xmlrpc-0:1.2.13-66.el5sat
  • spacewalk-backend-xmlrpc-0:1.2.13-66.el6sat
  • spacewalk-backend-xp-0:1.2.13-66.el5sat
  • spacewalk-backend-xp-0:1.2.13-66.el6sat
  • spacewalk-backend-0:1.2.13-66.el5sat
  • spacewalk-backend-0:1.2.13-66.el6sat
  • spacewalk-backend-libs-0:1.2.13-66.el5sat
  • spacewalk-backend-libs-0:1.2.13-66.el6sat
refmap via4
Last major update 03-02-2022 - 16:26
Published 05-02-2014 - 18:55
Last modified 03-02-2022 - 16:26
Back to Top