ID CVE-2012-3538
Summary Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:cloudforms:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:cloudforms:1.0:*:*:*:*:*:*:*
CVSS
Base: 3.3 (as of 29-08-2017 - 01:31)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:A/AC:L/Au:N/C:P/I:N/A:N
redhat via4
advisories
rhsa
id RHSA-2012:1543
rpms
  • candlepin-0:0.7.8.1-1.el6cf
  • candlepin-devel-0:0.7.8.1-1.el6cf
  • candlepin-selinux-0:0.7.8.1-1.el6cf
  • candlepin-tomcat6-0:0.7.8.1-1.el6cf
  • gofer-0:0.66.1-2.el5
  • gofer-0:0.66.1-2.el6cf
  • gofer-package-0:0.66.1-2.el5
  • gofer-package-0:0.66.1-2.el6cf
  • gofer-watchdog-0:0.66.1-2.el5
  • gofer-watchdog-0:0.66.1-2.el6cf
  • grinder-0:0.0.150-1.el6cf
  • katello-0:1.1.12-22.el6cf
  • katello-agent-0:1.1.2-1.el5
  • katello-agent-0:1.1.2-1.el6cf
  • katello-all-0:1.1.12-22.el6cf
  • katello-api-docs-0:1.1.12-22.el6cf
  • katello-certs-tools-0:1.1.8-1.el6cf
  • katello-cli-0:1.1.8-12.el6cf
  • katello-cli-common-0:1.1.8-12.el6cf
  • katello-cli-tests-0:1.1.5-2.el6cf
  • katello-common-0:1.1.12-22.el6cf
  • katello-configure-0:1.1.9-12.el6cf
  • katello-glue-candlepin-0:1.1.12-22.el6cf
  • katello-glue-pulp-0:1.1.12-22.el6cf
  • katello-selinux-0:1.1.1-2.el6cf
  • pulp-0:1.1.14-1.el6cf
  • pulp-admin-0:1.1.14-1.el6cf
  • pulp-client-lib-0:1.1.14-1.el6cf
  • pulp-common-0:1.1.14-1.el6cf
  • pulp-consumer-0:1.1.14-1.el6cf
  • pulp-selinux-server-0:1.1.14-1.el6cf
  • python-gofer-0:0.66.1-2.el5
  • python-gofer-0:0.66.1-2.el6cf
  • quartz-0:2.1.5-4.el6cf
  • rubygem-apipie-rails-0:0.0.11-3.el6cf
refmap via4
bid 56819
osvdb 88139
secunia 51472
xf cloudforms-pulp-info-disc(80547)
Last major update 29-08-2017 - 01:31
Published 04-01-2013 - 22:55
Last modified 29-08-2017 - 01:31
Back to Top