Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2012-4574 (GCVE-0-2012-4574)
Vulnerability from cvelistv5 – Published: 2013-01-04 22:00 – Updated: 2024-08-06 20:42
VLAI?
EPSS
Summary
Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2012-12-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:42:54.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cloudforms-pulpconf-info-disc(80548)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80548"
},
{
"name": "88138",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/88138"
},
{
"name": "51472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51472"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872487"
},
{
"name": "RHSA-2012:1543",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1543.html"
},
{
"name": "56819",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56819"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "cloudforms-pulpconf-info-disc(80548)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80548"
},
{
"name": "88138",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/88138"
},
{
"name": "51472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51472"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872487"
},
{
"name": "RHSA-2012:1543",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1543.html"
},
{
"name": "56819",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56819"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4574",
"datePublished": "2013-01-04T22:00:00.000Z",
"dateReserved": "2012-08-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T20:42:54.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:cloudforms:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0\", \"matchCriteriaId\": \"72189D15-3318-45CD-B37E-FD53E4422052\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.\"}, {\"lang\": \"es\", \"value\": \"Pulp en Red Hat CloudForms anteriores a v1.1 usa permisos \\\"world-readable\\\" en pulp.conf, lo que permite a usuarios locales a leer las contrase\\u00f1as administrativas leyendo este fichero.\"}]",
"id": "CVE-2012-4574",
"lastModified": "2024-11-21T01:43:10.107",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2013-01-04T22:55:02.087",
"references": "[{\"url\": \"http://osvdb.org/88138\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-1543.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/51472\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/56819\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=872487\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/80548\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://osvdb.org/88138\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-1543.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/51472\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/56819\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=872487\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/80548\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-255\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2012-4574\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-01-04T22:55:02.087\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.\"},{\"lang\":\"es\",\"value\":\"Pulp en Red Hat CloudForms anteriores a v1.1 usa permisos \\\"world-readable\\\" en pulp.conf, lo que permite a usuarios locales a leer las contrase\u00f1as administrativas leyendo este fichero.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-255\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cloudforms:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0\",\"matchCriteriaId\":\"72189D15-3318-45CD-B37E-FD53E4422052\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/88138\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-1543.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/51472\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/56819\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=872487\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/80548\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://osvdb.org/88138\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-1543.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/51472\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/56819\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=872487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/80548\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
RHBA-2013_0571
Vulnerability from csaf_redhat - Published: 2013-02-27 16:58 - Updated: 2024-11-14 12:13Summary
Red Hat Bug Fix Advisory: Red Hat Update Infrastructure 2.1.1 bug fix update
Severity
Moderate
Notes
Topic: Updated Red Hat Update Infrastructure 2.1.1 packages that fix several bugs are now available.
Details: Red Hat Update Infrastructure (RHUI) is a collection of technologies that offers cloud providers the ability to easily deploy Red Hat solutions into their environments. The rh-rhui-tools package has a series of tools necessary to configure the RHUI.
View a full list of bug fixes in this release in the Red Hat Update Infrastructure Technical Notes:
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Update_Infrastructure/2.1/html/Technical_Notes/chap-Red_Hat_Update_Infrastructure-Technical_Notes-RHBA-2013_14489-02.html
All users of the Red Hat Update Infrastructure are advised to upgrade to this updated package, which fixes these bugs.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.
4.9 ()
Vendor Fix
For details on how to update to RHUI 2.1.1, see the RHUI Administration Guide, section "Updating Red Hat Update Infrastructure". The Administration Guide is available from https://access.redhat.com/knowledge/docs/
https://access.redhat.com/errata/RHBA-2013:0571
References
Acknowledgments
Red Hat Security Response Team
Kurt Seifried
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Red Hat Update Infrastructure 2.1.1 packages that fix several bugs are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Update Infrastructure (RHUI) is a collection of technologies that offers cloud providers the ability to easily deploy Red Hat solutions into their environments. The rh-rhui-tools package has a series of tools necessary to configure the RHUI.\n\nView a full list of bug fixes in this release in the Red Hat Update Infrastructure Technical Notes:\n\nhttps://access.redhat.com/knowledge/docs/en-US/Red_Hat_Update_Infrastructure/2.1/html/Technical_Notes/chap-Red_Hat_Update_Infrastructure-Technical_Notes-RHBA-2013_14489-02.html\n\nAll users of the Red Hat Update Infrastructure are advised to upgrade to this updated package, which fixes these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2013:0571",
"url": "https://access.redhat.com/errata/RHBA-2013:0571"
},
{
"category": "external",
"summary": "811796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=811796"
},
{
"category": "external",
"summary": "815975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=815975"
},
{
"category": "external",
"summary": "821319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=821319"
},
{
"category": "external",
"summary": "833007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833007"
},
{
"category": "external",
"summary": "845941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845941"
},
{
"category": "external",
"summary": "847080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847080"
},
{
"category": "external",
"summary": "847306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847306"
},
{
"category": "external",
"summary": "848885",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848885"
},
{
"category": "external",
"summary": "856637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=856637"
},
{
"category": "external",
"summary": "860494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860494"
},
{
"category": "external",
"summary": "862016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=862016"
},
{
"category": "external",
"summary": "865822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865822"
},
{
"category": "external",
"summary": "867803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=867803"
},
{
"category": "external",
"summary": "871497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=871497"
},
{
"category": "external",
"summary": "876423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=876423"
},
{
"category": "external",
"summary": "879546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=879546"
},
{
"category": "external",
"summary": "892394",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892394"
},
{
"category": "external",
"summary": "902557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=902557"
},
{
"category": "external",
"summary": "908639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=908639"
},
{
"category": "external",
"summary": "910707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=910707"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhba-2013_0571.json"
}
],
"title": "Red Hat Bug Fix Advisory: Red Hat Update Infrastructure 2.1.1 bug fix update",
"tracking": {
"current_release_date": "2024-11-14T12:13:05+00:00",
"generator": {
"date": "2024-11-14T12:13:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHBA-2013:0571",
"initial_release_date": "2013-02-27T16:58:22+00:00",
"revision_history": [
{
"date": "2013-02-27T16:58:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-02-27T16:58:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T12:13:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHUI for RHEL 6",
"product": {
"name": "RHUI for RHEL 6",
"product_id": "RHUI for RHEL 6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhui:2::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Update Infrastructure"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Kurt Seifried"
],
"organization": "Red Hat Security Response Team",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2012-4574",
"discovery_date": "2012-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "872487"
}
],
"notes": [
{
"category": "description",
"text": "Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pulp /etc/pulp/pulp.conf world readable, contains default admin password",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHUI for RHEL 6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-4574"
},
{
"category": "external",
"summary": "RHBZ#872487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872487"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-4574",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4574"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4574",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4574"
}
],
"release_date": "2012-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-27T16:58:22+00:00",
"details": "For details on how to update to RHUI 2.1.1, see the RHUI Administration Guide, section \"Updating Red Hat Update Infrastructure\". The Administration Guide is available from https://access.redhat.com/knowledge/docs/",
"product_ids": [
"RHUI for RHEL 6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2013:0571"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"products": [
"RHUI for RHEL 6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pulp /etc/pulp/pulp.conf world readable, contains default admin password"
}
]
}
RHSA-2012:1543
Vulnerability from csaf_redhat - Published: 2012-12-04 19:32 - Updated: 2025-11-21 17:41Summary
Red Hat Security Advisory: CloudForms System Engine 1.1 update
Severity
Important
Notes
Topic: Updated CloudForms System Engine packages that fix multiple security
issues, several bugs, and add enhancements are now available.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details: Red Hat CloudForms is an on-premise hybrid cloud
Infrastructure-as-a-Service (IaaS) product that lets you create and manage
private and public clouds.
This update fixes bugs in and adds enhancements to the System Engine
packages, and upgrades the system to CloudForms 1.1.
This update also fixes the following security issues:
It was discovered that Katello did not properly check user permissions when
handling certain requests. An authenticated remote attacker could use this
flaw to download consumer certificates or change settings of other users'
systems if they knew the target system's UUID. (CVE-2012-5603)
It was discovered that Pulp logged administrative passwords to a world
readable log file. A local attacker could use this flaw to control systems
deployed and managed by CloudForms. (CVE-2012-3538)
It was discovered that the Pulp configuration file pulp.conf was installed
as world readable. A local attacker could use this flaw to view the
administrative password, allowing them to control systems deployed and
managed by CloudForms. (CVE-2012-4574)
It was discovered that grinder used insecure permissions for its cache
directory. A local attacker could use this flaw to access or modify files
in the cache. (CVE-2012-5605)
The CVE-2012-5603 issue was discovered by Lukas Zapletal of Red Hat;
CVE-2012-3538 was discovered by James Laska of Red Hat; CVE-2012-4574 was
discovered by Kurt Seifried of Red Hat; and CVE-2012-5605 was discovered by
James Labocki of Red Hat.
After upgrading to these new packages, follow the instructions in the "4.1.
Upgrading CloudForms System Engine" section of the CloudForms 1.1
Installation Guide:
https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Installation_Guide/index.html
To view the full list of changes in this update, view the CloudForms
Technical Notes:
https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Technical_Notes/index.html
Users are advised to upgrade to these updated CloudForms System Engine
packages, which resolve these issues and add these enhancements.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log.
4.9 ()
Vendor Fix
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
https://access.redhat.com/errata/RHSA-2012:1543
Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.
4.9 ()
Vendor Fix
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
https://access.redhat.com/errata/RHSA-2012:1543
proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system.
5.5 ()
Vendor Fix
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
https://access.redhat.com/errata/RHSA-2012:1543
Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files.
4.6 ()
Vendor Fix
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
https://access.redhat.com/errata/RHSA-2012:1543
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Red Hat
James Laska
Red Hat Security Response Team
Kurt Seifried
Red Hat
Lukas Zapletal
Red Hat
James Labocki
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated CloudForms System Engine packages that fix multiple security\nissues, several bugs, and add enhancements are now available.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat CloudForms is an on-premise hybrid cloud\nInfrastructure-as-a-Service (IaaS) product that lets you create and manage\nprivate and public clouds.\n\nThis update fixes bugs in and adds enhancements to the System Engine\npackages, and upgrades the system to CloudForms 1.1.\n\nThis update also fixes the following security issues:\n\nIt was discovered that Katello did not properly check user permissions when\nhandling certain requests. An authenticated remote attacker could use this\nflaw to download consumer certificates or change settings of other users\u0027\nsystems if they knew the target system\u0027s UUID. (CVE-2012-5603)\n\nIt was discovered that Pulp logged administrative passwords to a world\nreadable log file. A local attacker could use this flaw to control systems\ndeployed and managed by CloudForms. (CVE-2012-3538)\n\nIt was discovered that the Pulp configuration file pulp.conf was installed\nas world readable. A local attacker could use this flaw to view the\nadministrative password, allowing them to control systems deployed and\nmanaged by CloudForms. (CVE-2012-4574)\n\nIt was discovered that grinder used insecure permissions for its cache\ndirectory. A local attacker could use this flaw to access or modify files\nin the cache. (CVE-2012-5605)\n\nThe CVE-2012-5603 issue was discovered by Lukas Zapletal of Red Hat;\nCVE-2012-3538 was discovered by James Laska of Red Hat; CVE-2012-4574 was\ndiscovered by Kurt Seifried of Red Hat; and CVE-2012-5605 was discovered by\nJames Labocki of Red Hat.\n\nAfter upgrading to these new packages, follow the instructions in the \"4.1.\nUpgrading CloudForms System Engine\" section of the CloudForms 1.1\nInstallation Guide:\n\nhttps://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Installation_Guide/index.html\n\nTo view the full list of changes in this update, view the CloudForms\nTechnical Notes:\n\nhttps://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Technical_Notes/index.html\n\nUsers are advised to upgrade to these updated CloudForms System Engine\npackages, which resolve these issues and add these enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2012:1543",
"url": "https://access.redhat.com/errata/RHSA-2012:1543"
},
{
"category": "external",
"summary": "806879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806879"
},
{
"category": "external",
"summary": "841691",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841691"
},
{
"category": "external",
"summary": "841984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841984"
},
{
"category": "external",
"summary": "841998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841998"
},
{
"category": "external",
"summary": "845096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845096"
},
{
"category": "external",
"summary": "845198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845198"
},
{
"category": "external",
"summary": "845224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845224"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Installation_Guide/index.html",
"url": "https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Installation_Guide/index.html"
},
{
"category": "external",
"summary": "https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Technical_Notes/index.html",
"url": "https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Technical_Notes/index.html"
},
{
"category": "external",
"summary": "746765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=746765"
},
{
"category": "external",
"summary": "753128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=753128"
},
{
"category": "external",
"summary": "760180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=760180"
},
{
"category": "external",
"summary": "766694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=766694"
},
{
"category": "external",
"summary": "769559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=769559"
},
{
"category": "external",
"summary": "782954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=782954"
},
{
"category": "external",
"summary": "786176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=786176"
},
{
"category": "external",
"summary": "786226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=786226"
},
{
"category": "external",
"summary": "787184",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=787184"
},
{
"category": "external",
"summary": "787305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=787305"
},
{
"category": "external",
"summary": "789139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=789139"
},
{
"category": "external",
"summary": "789535",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=789535"
},
{
"category": "external",
"summary": "790138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=790138"
},
{
"category": "external",
"summary": "790342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=790342"
},
{
"category": "external",
"summary": "796047",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=796047"
},
{
"category": "external",
"summary": "796972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=796972"
},
{
"category": "external",
"summary": "797299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=797299"
},
{
"category": "external",
"summary": "797321",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=797321"
},
{
"category": "external",
"summary": "797412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=797412"
},
{
"category": "external",
"summary": "799538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=799538"
},
{
"category": "external",
"summary": "800529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800529"
},
{
"category": "external",
"summary": "801454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=801454"
},
{
"category": "external",
"summary": "801580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=801580"
},
{
"category": "external",
"summary": "802925",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=802925"
},
{
"category": "external",
"summary": "803548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=803548"
},
{
"category": "external",
"summary": "803702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=803702"
},
{
"category": "external",
"summary": "803728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=803728"
},
{
"category": "external",
"summary": "803761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=803761"
},
{
"category": "external",
"summary": "804127",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=804127"
},
{
"category": "external",
"summary": "804555",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=804555"
},
{
"category": "external",
"summary": "804610",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=804610"
},
{
"category": "external",
"summary": "804685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=804685"
},
{
"category": "external",
"summary": "805027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=805027"
},
{
"category": "external",
"summary": "805412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=805412"
},
{
"category": "external",
"summary": "805627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=805627"
},
{
"category": "external",
"summary": "805709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=805709"
},
{
"category": "external",
"summary": "805956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=805956"
},
{
"category": "external",
"summary": "806076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806076"
},
{
"category": "external",
"summary": "806078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806078"
},
{
"category": "external",
"summary": "806083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806083"
},
{
"category": "external",
"summary": "806940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806940"
},
{
"category": "external",
"summary": "806969",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806969"
},
{
"category": "external",
"summary": "807288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=807288"
},
{
"category": "external",
"summary": "807291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=807291"
},
{
"category": "external",
"summary": "807468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=807468"
},
{
"category": "external",
"summary": "807804",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=807804"
},
{
"category": "external",
"summary": "808172",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=808172"
},
{
"category": "external",
"summary": "808437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=808437"
},
{
"category": "external",
"summary": "809259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=809259"
},
{
"category": "external",
"summary": "810378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=810378"
},
{
"category": "external",
"summary": "810945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=810945"
},
{
"category": "external",
"summary": "811556",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=811556"
},
{
"category": "external",
"summary": "811564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=811564"
},
{
"category": "external",
"summary": "812417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=812417"
},
{
"category": "external",
"summary": "813675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=813675"
},
{
"category": "external",
"summary": "815308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=815308"
},
{
"category": "external",
"summary": "815802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=815802"
},
{
"category": "external",
"summary": "816935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=816935"
},
{
"category": "external",
"summary": "817123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=817123"
},
{
"category": "external",
"summary": "818204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=818204"
},
{
"category": "external",
"summary": "818261",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=818261"
},
{
"category": "external",
"summary": "818370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=818370"
},
{
"category": "external",
"summary": "819593",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=819593"
},
{
"category": "external",
"summary": "819941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=819941"
},
{
"category": "external",
"summary": "820373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=820373"
},
{
"category": "external",
"summary": "820385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=820385"
},
{
"category": "external",
"summary": "820624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=820624"
},
{
"category": "external",
"summary": "820626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=820626"
},
{
"category": "external",
"summary": "820630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=820630"
},
{
"category": "external",
"summary": "821345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=821345"
},
{
"category": "external",
"summary": "821644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=821644"
},
{
"category": "external",
"summary": "821929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=821929"
},
{
"category": "external",
"summary": "822119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=822119"
},
{
"category": "external",
"summary": "822484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=822484"
},
{
"category": "external",
"summary": "823688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=823688"
},
{
"category": "external",
"summary": "824069",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824069"
},
{
"category": "external",
"summary": "824581",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824581"
},
{
"category": "external",
"summary": "826581",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826581"
},
{
"category": "external",
"summary": "827087",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827087"
},
{
"category": "external",
"summary": "827108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827108"
},
{
"category": "external",
"summary": "828447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=828447"
},
{
"category": "external",
"summary": "828533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=828533"
},
{
"category": "external",
"summary": "829208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=829208"
},
{
"category": "external",
"summary": "829437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=829437"
},
{
"category": "external",
"summary": "829794",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=829794"
},
{
"category": "external",
"summary": "830176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=830176"
},
{
"category": "external",
"summary": "831664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831664"
},
{
"category": "external",
"summary": "834006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=834006"
},
{
"category": "external",
"summary": "834013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=834013"
},
{
"category": "external",
"summary": "834242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=834242"
},
{
"category": "external",
"summary": "834646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=834646"
},
{
"category": "external",
"summary": "834697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=834697"
},
{
"category": "external",
"summary": "835586",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=835586"
},
{
"category": "external",
"summary": "835591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=835591"
},
{
"category": "external",
"summary": "835875",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=835875"
},
{
"category": "external",
"summary": "836339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=836339"
},
{
"category": "external",
"summary": "836575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=836575"
},
{
"category": "external",
"summary": "837000",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=837000"
},
{
"category": "external",
"summary": "839005",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=839005"
},
{
"category": "external",
"summary": "840616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=840616"
},
{
"category": "external",
"summary": "840624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=840624"
},
{
"category": "external",
"summary": "840625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=840625"
},
{
"category": "external",
"summary": "841000",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841000"
},
{
"category": "external",
"summary": "841289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841289"
},
{
"category": "external",
"summary": "841300",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841300"
},
{
"category": "external",
"summary": "841310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841310"
},
{
"category": "external",
"summary": "841686",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841686"
},
{
"category": "external",
"summary": "842003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842003"
},
{
"category": "external",
"summary": "842005",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842005"
},
{
"category": "external",
"summary": "842010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842010"
},
{
"category": "external",
"summary": "842252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842252"
},
{
"category": "external",
"summary": "842256",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842256"
},
{
"category": "external",
"summary": "842271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842271"
},
{
"category": "external",
"summary": "842569",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842569"
},
{
"category": "external",
"summary": "842838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842838"
},
{
"category": "external",
"summary": "842858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842858"
},
{
"category": "external",
"summary": "843059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843059"
},
{
"category": "external",
"summary": "843061",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843061"
},
{
"category": "external",
"summary": "843064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843064"
},
{
"category": "external",
"summary": "843161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843161"
},
{
"category": "external",
"summary": "843165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843165"
},
{
"category": "external",
"summary": "843462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843462"
},
{
"category": "external",
"summary": "843529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843529"
},
{
"category": "external",
"summary": "843845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843845"
},
{
"category": "external",
"summary": "844414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844414"
},
{
"category": "external",
"summary": "844417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844417"
},
{
"category": "external",
"summary": "844678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844678"
},
{
"category": "external",
"summary": "844796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844796"
},
{
"category": "external",
"summary": "844806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844806"
},
{
"category": "external",
"summary": "845060",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845060"
},
{
"category": "external",
"summary": "845576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845576"
},
{
"category": "external",
"summary": "845580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845580"
},
{
"category": "external",
"summary": "845613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845613"
},
{
"category": "external",
"summary": "845668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845668"
},
{
"category": "external",
"summary": "845995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845995"
},
{
"category": "external",
"summary": "846251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=846251"
},
{
"category": "external",
"summary": "846482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=846482"
},
{
"category": "external",
"summary": "846719",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=846719"
},
{
"category": "external",
"summary": "847002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847002"
},
{
"category": "external",
"summary": "847115",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847115"
},
{
"category": "external",
"summary": "847858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847858"
},
{
"category": "external",
"summary": "848038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848038"
},
{
"category": "external",
"summary": "849224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=849224"
},
{
"category": "external",
"summary": "850342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=850342"
},
{
"category": "external",
"summary": "850790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=850790"
},
{
"category": "external",
"summary": "851080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851080"
},
{
"category": "external",
"summary": "851142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851142"
},
{
"category": "external",
"summary": "851512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851512"
},
{
"category": "external",
"summary": "852006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852006"
},
{
"category": "external",
"summary": "852119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852119"
},
{
"category": "external",
"summary": "852167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852167"
},
{
"category": "external",
"summary": "852199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852199"
},
{
"category": "external",
"summary": "852316",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852316"
},
{
"category": "external",
"summary": "852388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852388"
},
{
"category": "external",
"summary": "852791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852791"
},
{
"category": "external",
"summary": "852804",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852804"
},
{
"category": "external",
"summary": "853056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853056"
},
{
"category": "external",
"summary": "853229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853229"
},
{
"category": "external",
"summary": "853356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853356"
},
{
"category": "external",
"summary": "853445",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853445"
},
{
"category": "external",
"summary": "853995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853995"
},
{
"category": "external",
"summary": "854697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=854697"
},
{
"category": "external",
"summary": "855184",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=855184"
},
{
"category": "external",
"summary": "855267",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=855267"
},
{
"category": "external",
"summary": "855406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=855406"
},
{
"category": "external",
"summary": "856220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=856220"
},
{
"category": "external",
"summary": "857078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857078"
},
{
"category": "external",
"summary": "857230",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857230"
},
{
"category": "external",
"summary": "857274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857274"
},
{
"category": "external",
"summary": "857499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857499"
},
{
"category": "external",
"summary": "857539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857539"
},
{
"category": "external",
"summary": "857550",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857550"
},
{
"category": "external",
"summary": "857574",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857574"
},
{
"category": "external",
"summary": "857720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857720"
},
{
"category": "external",
"summary": "857727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857727"
},
{
"category": "external",
"summary": "857842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857842"
},
{
"category": "external",
"summary": "858011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858011"
},
{
"category": "external",
"summary": "858013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858013"
},
{
"category": "external",
"summary": "858038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858038"
},
{
"category": "external",
"summary": "858193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858193"
},
{
"category": "external",
"summary": "858277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858277"
},
{
"category": "external",
"summary": "858358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858358"
},
{
"category": "external",
"summary": "858360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858360"
},
{
"category": "external",
"summary": "858363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858363"
},
{
"category": "external",
"summary": "858661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858661"
},
{
"category": "external",
"summary": "858678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858678"
},
{
"category": "external",
"summary": "858682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858682"
},
{
"category": "external",
"summary": "858706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858706"
},
{
"category": "external",
"summary": "858960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858960"
},
{
"category": "external",
"summary": "859329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859329"
},
{
"category": "external",
"summary": "859407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859407"
},
{
"category": "external",
"summary": "859415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859415"
},
{
"category": "external",
"summary": "859442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859442"
},
{
"category": "external",
"summary": "859604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859604"
},
{
"category": "external",
"summary": "859784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859784"
},
{
"category": "external",
"summary": "859963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859963"
},
{
"category": "external",
"summary": "860251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860251"
},
{
"category": "external",
"summary": "860421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860421"
},
{
"category": "external",
"summary": "860702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860702"
},
{
"category": "external",
"summary": "860709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860709"
},
{
"category": "external",
"summary": "862441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=862441"
},
{
"category": "external",
"summary": "862997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=862997"
},
{
"category": "external",
"summary": "863187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=863187"
},
{
"category": "external",
"summary": "863252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=863252"
},
{
"category": "external",
"summary": "864216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864216"
},
{
"category": "external",
"summary": "864372",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864372"
},
{
"category": "external",
"summary": "864936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864936"
},
{
"category": "external",
"summary": "864999",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864999"
},
{
"category": "external",
"summary": "865528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865528"
},
{
"category": "external",
"summary": "865811",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865811"
},
{
"category": "external",
"summary": "869575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=869575"
},
{
"category": "external",
"summary": "871086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=871086"
},
{
"category": "external",
"summary": "872096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872096"
},
{
"category": "external",
"summary": "872305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872305"
},
{
"category": "external",
"summary": "872487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872487"
},
{
"category": "external",
"summary": "873850",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=873850"
},
{
"category": "external",
"summary": "874160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=874160"
},
{
"category": "external",
"summary": "874185",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=874185"
},
{
"category": "external",
"summary": "874768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=874768"
},
{
"category": "external",
"summary": "882129",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882129"
},
{
"category": "external",
"summary": "806353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806353"
},
{
"category": "external",
"summary": "882138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882138"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_1543.json"
}
],
"title": "Red Hat Security Advisory: CloudForms System Engine 1.1 update",
"tracking": {
"current_release_date": "2025-11-21T17:41:38+00:00",
"generator": {
"date": "2025-11-21T17:41:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2012:1543",
"initial_release_date": "2012-12-04T19:32:00+00:00",
"revision_history": [
{
"date": "2012-12-04T19:32:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2012-12-04T19:39:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:41:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CloudForms System Engine for RHEL 6 Server",
"product": {
"name": "CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine",
"product_identification_helper": {
"cpe": "cpe:/a:cloudforms_systemengine:1::el6"
}
}
},
{
"category": "product_name",
"name": "CloudForms Tools for RHEL 6 Server",
"product": {
"name": "CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools",
"product_identification_helper": {
"cpe": "cpe:/a:cloudforms_tools:1::el6"
}
}
},
{
"category": "product_name",
"name": "CloudForms Tools for RHEL 5 Server",
"product": {
"name": "CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools",
"product_identification_helper": {
"cpe": "cpe:/a:cloudforms_tools:1::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat CloudForms"
},
{
"branches": [
{
"category": "product_version",
"name": "quartz-0:2.1.5-4.el6cf.noarch",
"product": {
"name": "quartz-0:2.1.5-4.el6cf.noarch",
"product_id": "quartz-0:2.1.5-4.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/quartz@2.1.5-4.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-agent-0:1.1.2-1.el6cf.noarch",
"product": {
"name": "katello-agent-0:1.1.2-1.el6cf.noarch",
"product_id": "katello-agent-0:1.1.2-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-agent@1.1.2-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"product": {
"name": "katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"product_id": "katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-certs-tools@1.1.8-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "grinder-0:0.0.150-1.el6cf.noarch",
"product": {
"name": "grinder-0:0.0.150-1.el6cf.noarch",
"product_id": "grinder-0:0.0.150-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grinder@0.0.150-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "gofer-0:0.66.1-2.el6cf.noarch",
"product": {
"name": "gofer-0:0.66.1-2.el6cf.noarch",
"product_id": "gofer-0:0.66.1-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer@0.66.1-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"product": {
"name": "gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"product_id": "gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer-watchdog@0.66.1-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "gofer-package-0:0.66.1-2.el6cf.noarch",
"product": {
"name": "gofer-package-0:0.66.1-2.el6cf.noarch",
"product_id": "gofer-package-0:0.66.1-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer-package@0.66.1-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-gofer-0:0.66.1-2.el6cf.noarch",
"product": {
"name": "python-gofer-0:0.66.1-2.el6cf.noarch",
"product_id": "python-gofer-0:0.66.1-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-gofer@0.66.1-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"product": {
"name": "rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"product_id": "rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-apipie-rails@0.0.11-3.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"product": {
"name": "candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"product_id": "candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-devel@0.7.8.1-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"product": {
"name": "candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"product_id": "candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-tomcat6@0.7.8.1-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"product": {
"name": "candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"product_id": "candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-selinux@0.7.8.1-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:0.7.8.1-1.el6cf.noarch",
"product": {
"name": "candlepin-0:0.7.8.1-1.el6cf.noarch",
"product_id": "candlepin-0:0.7.8.1-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@0.7.8.1-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-selinux-0:1.1.1-2.el6cf.noarch",
"product": {
"name": "katello-selinux-0:1.1.1-2.el6cf.noarch",
"product_id": "katello-selinux-0:1.1.1-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-selinux@1.1.1-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"product": {
"name": "pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"product_id": "pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp-client-lib@1.1.14-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pulp-common-0:1.1.14-1.el6cf.noarch",
"product": {
"name": "pulp-common-0:1.1.14-1.el6cf.noarch",
"product_id": "pulp-common-0:1.1.14-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp-common@1.1.14-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"product": {
"name": "pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"product_id": "pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp-selinux-server@1.1.14-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pulp-0:1.1.14-1.el6cf.noarch",
"product": {
"name": "pulp-0:1.1.14-1.el6cf.noarch",
"product_id": "pulp-0:1.1.14-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp@1.1.14-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pulp-consumer-0:1.1.14-1.el6cf.noarch",
"product": {
"name": "pulp-consumer-0:1.1.14-1.el6cf.noarch",
"product_id": "pulp-consumer-0:1.1.14-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp-consumer@1.1.14-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pulp-admin-0:1.1.14-1.el6cf.noarch",
"product": {
"name": "pulp-admin-0:1.1.14-1.el6cf.noarch",
"product_id": "pulp-admin-0:1.1.14-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp-admin@1.1.14-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-cli-common-0:1.1.8-12.el6cf.noarch",
"product": {
"name": "katello-cli-common-0:1.1.8-12.el6cf.noarch",
"product_id": "katello-cli-common-0:1.1.8-12.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-cli-common@1.1.8-12.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-cli-0:1.1.8-12.el6cf.noarch",
"product": {
"name": "katello-cli-0:1.1.8-12.el6cf.noarch",
"product_id": "katello-cli-0:1.1.8-12.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-cli@1.1.8-12.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"product": {
"name": "katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"product_id": "katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-cli-tests@1.1.5-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-configure-0:1.1.9-12.el6cf.noarch",
"product": {
"name": "katello-configure-0:1.1.9-12.el6cf.noarch",
"product_id": "katello-configure-0:1.1.9-12.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-configure@1.1.9-12.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"product": {
"name": "katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"product_id": "katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-glue-pulp@1.1.12-22.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-all-0:1.1.12-22.el6cf.noarch",
"product": {
"name": "katello-all-0:1.1.12-22.el6cf.noarch",
"product_id": "katello-all-0:1.1.12-22.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-all@1.1.12-22.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-0:1.1.12-22.el6cf.noarch",
"product": {
"name": "katello-0:1.1.12-22.el6cf.noarch",
"product_id": "katello-0:1.1.12-22.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello@1.1.12-22.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-common-0:1.1.12-22.el6cf.noarch",
"product": {
"name": "katello-common-0:1.1.12-22.el6cf.noarch",
"product_id": "katello-common-0:1.1.12-22.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-common@1.1.12-22.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"product": {
"name": "katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"product_id": "katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-glue-candlepin@1.1.12-22.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-api-docs-0:1.1.12-22.el6cf.noarch",
"product": {
"name": "katello-api-docs-0:1.1.12-22.el6cf.noarch",
"product_id": "katello-api-docs-0:1.1.12-22.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-api-docs@1.1.12-22.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-agent-0:1.1.2-1.el5.noarch",
"product": {
"name": "katello-agent-0:1.1.2-1.el5.noarch",
"product_id": "katello-agent-0:1.1.2-1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-agent@1.1.2-1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-gofer-0:0.66.1-2.el5.noarch",
"product": {
"name": "python-gofer-0:0.66.1-2.el5.noarch",
"product_id": "python-gofer-0:0.66.1-2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-gofer@0.66.1-2.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "gofer-watchdog-0:0.66.1-2.el5.noarch",
"product": {
"name": "gofer-watchdog-0:0.66.1-2.el5.noarch",
"product_id": "gofer-watchdog-0:0.66.1-2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer-watchdog@0.66.1-2.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "gofer-0:0.66.1-2.el5.noarch",
"product": {
"name": "gofer-0:0.66.1-2.el5.noarch",
"product_id": "gofer-0:0.66.1-2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer@0.66.1-2.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "gofer-package-0:0.66.1-2.el5.noarch",
"product": {
"name": "gofer-package-0:0.66.1-2.el5.noarch",
"product_id": "gofer-package-0:0.66.1-2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer-package@0.66.1-2.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "quartz-0:2.1.5-4.el6cf.src",
"product": {
"name": "quartz-0:2.1.5-4.el6cf.src",
"product_id": "quartz-0:2.1.5-4.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/quartz@2.1.5-4.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-agent-0:1.1.2-1.el6cf.src",
"product": {
"name": "katello-agent-0:1.1.2-1.el6cf.src",
"product_id": "katello-agent-0:1.1.2-1.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-agent@1.1.2-1.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-certs-tools-0:1.1.8-1.el6cf.src",
"product": {
"name": "katello-certs-tools-0:1.1.8-1.el6cf.src",
"product_id": "katello-certs-tools-0:1.1.8-1.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-certs-tools@1.1.8-1.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "grinder-0:0.0.150-1.el6cf.src",
"product": {
"name": "grinder-0:0.0.150-1.el6cf.src",
"product_id": "grinder-0:0.0.150-1.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grinder@0.0.150-1.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "gofer-0:0.66.1-2.el6cf.src",
"product": {
"name": "gofer-0:0.66.1-2.el6cf.src",
"product_id": "gofer-0:0.66.1-2.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer@0.66.1-2.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-apipie-rails-0:0.0.11-3.el6cf.src",
"product": {
"name": "rubygem-apipie-rails-0:0.0.11-3.el6cf.src",
"product_id": "rubygem-apipie-rails-0:0.0.11-3.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-apipie-rails@0.0.11-3.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:0.7.8.1-1.el6cf.src",
"product": {
"name": "candlepin-0:0.7.8.1-1.el6cf.src",
"product_id": "candlepin-0:0.7.8.1-1.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@0.7.8.1-1.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-selinux-0:1.1.1-2.el6cf.src",
"product": {
"name": "katello-selinux-0:1.1.1-2.el6cf.src",
"product_id": "katello-selinux-0:1.1.1-2.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-selinux@1.1.1-2.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "pulp-0:1.1.14-1.el6cf.src",
"product": {
"name": "pulp-0:1.1.14-1.el6cf.src",
"product_id": "pulp-0:1.1.14-1.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp@1.1.14-1.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-cli-0:1.1.8-12.el6cf.src",
"product": {
"name": "katello-cli-0:1.1.8-12.el6cf.src",
"product_id": "katello-cli-0:1.1.8-12.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-cli@1.1.8-12.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-cli-tests-0:1.1.5-2.el6cf.src",
"product": {
"name": "katello-cli-tests-0:1.1.5-2.el6cf.src",
"product_id": "katello-cli-tests-0:1.1.5-2.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-cli-tests@1.1.5-2.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-configure-0:1.1.9-12.el6cf.src",
"product": {
"name": "katello-configure-0:1.1.9-12.el6cf.src",
"product_id": "katello-configure-0:1.1.9-12.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-configure@1.1.9-12.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-0:1.1.12-22.el6cf.src",
"product": {
"name": "katello-0:1.1.12-22.el6cf.src",
"product_id": "katello-0:1.1.12-22.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello@1.1.12-22.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-agent-0:1.1.2-1.el5.src",
"product": {
"name": "katello-agent-0:1.1.2-1.el5.src",
"product_id": "katello-agent-0:1.1.2-1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-agent@1.1.2-1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "gofer-0:0.66.1-2.el5.src",
"product": {
"name": "gofer-0:0.66.1-2.el5.src",
"product_id": "gofer-0:0.66.1-2.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer@0.66.1-2.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-0:0.66.1-2.el5.noarch as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch"
},
"product_reference": "gofer-0:0.66.1-2.el5.noarch",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-0:0.66.1-2.el5.src as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:gofer-0:0.66.1-2.el5.src"
},
"product_reference": "gofer-0:0.66.1-2.el5.src",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-package-0:0.66.1-2.el5.noarch as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch"
},
"product_reference": "gofer-package-0:0.66.1-2.el5.noarch",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-watchdog-0:0.66.1-2.el5.noarch as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch"
},
"product_reference": "gofer-watchdog-0:0.66.1-2.el5.noarch",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-agent-0:1.1.2-1.el5.noarch as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch"
},
"product_reference": "katello-agent-0:1.1.2-1.el5.noarch",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-agent-0:1.1.2-1.el5.src as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src"
},
"product_reference": "katello-agent-0:1.1.2-1.el5.src",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gofer-0:0.66.1-2.el5.noarch as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch"
},
"product_reference": "python-gofer-0:0.66.1-2.el5.noarch",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-0:0.66.1-2.el6cf.noarch as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "gofer-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-0:0.66.1-2.el6cf.src as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src"
},
"product_reference": "gofer-0:0.66.1-2.el6cf.src",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-package-0:0.66.1-2.el6cf.noarch as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "gofer-package-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-watchdog-0:0.66.1-2.el6cf.noarch as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-agent-0:1.1.2-1.el6cf.noarch as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch"
},
"product_reference": "katello-agent-0:1.1.2-1.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-agent-0:1.1.2-1.el6cf.src as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src"
},
"product_reference": "katello-agent-0:1.1.2-1.el6cf.src",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gofer-0:0.66.1-2.el6cf.noarch as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "python-gofer-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:0.7.8.1-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch"
},
"product_reference": "candlepin-0:0.7.8.1-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:0.7.8.1-1.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src"
},
"product_reference": "candlepin-0:0.7.8.1-1.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-devel-0:0.7.8.1-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch"
},
"product_reference": "candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-selinux-0:0.7.8.1-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch"
},
"product_reference": "candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch"
},
"product_reference": "candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-0:0.66.1-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "gofer-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-0:0.66.1-2.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src"
},
"product_reference": "gofer-0:0.66.1-2.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-package-0:0.66.1-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "gofer-package-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-watchdog-0:0.66.1-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grinder-0:0.0.150-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch"
},
"product_reference": "grinder-0:0.0.150-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grinder-0:0.0.150-1.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src"
},
"product_reference": "grinder-0:0.0.150-1.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-0:1.1.12-22.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch"
},
"product_reference": "katello-0:1.1.12-22.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-0:1.1.12-22.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src"
},
"product_reference": "katello-0:1.1.12-22.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-all-0:1.1.12-22.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch"
},
"product_reference": "katello-all-0:1.1.12-22.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-api-docs-0:1.1.12-22.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch"
},
"product_reference": "katello-api-docs-0:1.1.12-22.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-certs-tools-0:1.1.8-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch"
},
"product_reference": "katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-certs-tools-0:1.1.8-1.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src"
},
"product_reference": "katello-certs-tools-0:1.1.8-1.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-cli-0:1.1.8-12.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch"
},
"product_reference": "katello-cli-0:1.1.8-12.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-cli-0:1.1.8-12.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src"
},
"product_reference": "katello-cli-0:1.1.8-12.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-cli-common-0:1.1.8-12.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch"
},
"product_reference": "katello-cli-common-0:1.1.8-12.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-cli-tests-0:1.1.5-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch"
},
"product_reference": "katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-cli-tests-0:1.1.5-2.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src"
},
"product_reference": "katello-cli-tests-0:1.1.5-2.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-common-0:1.1.12-22.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch"
},
"product_reference": "katello-common-0:1.1.12-22.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-configure-0:1.1.9-12.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch"
},
"product_reference": "katello-configure-0:1.1.9-12.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-configure-0:1.1.9-12.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src"
},
"product_reference": "katello-configure-0:1.1.9-12.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-glue-candlepin-0:1.1.12-22.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch"
},
"product_reference": "katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-glue-pulp-0:1.1.12-22.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch"
},
"product_reference": "katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-selinux-0:1.1.1-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch"
},
"product_reference": "katello-selinux-0:1.1.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-selinux-0:1.1.1-2.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src"
},
"product_reference": "katello-selinux-0:1.1.1-2.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-0:1.1.14-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch"
},
"product_reference": "pulp-0:1.1.14-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-0:1.1.14-1.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src"
},
"product_reference": "pulp-0:1.1.14-1.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-admin-0:1.1.14-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch"
},
"product_reference": "pulp-admin-0:1.1.14-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-client-lib-0:1.1.14-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch"
},
"product_reference": "pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-common-0:1.1.14-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch"
},
"product_reference": "pulp-common-0:1.1.14-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-consumer-0:1.1.14-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch"
},
"product_reference": "pulp-consumer-0:1.1.14-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-selinux-server-0:1.1.14-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch"
},
"product_reference": "pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gofer-0:0.66.1-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "python-gofer-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "quartz-0:2.1.5-4.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch"
},
"product_reference": "quartz-0:2.1.5-4.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "quartz-0:2.1.5-4.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src"
},
"product_reference": "quartz-0:2.1.5-4.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch"
},
"product_reference": "rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-apipie-rails-0:0.0.11-3.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
},
"product_reference": "rubygem-apipie-rails-0:0.0.11-3.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"James Laska"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2012-3538",
"discovery_date": "2012-08-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "852199"
}
],
"notes": [
{
"category": "description",
"text": "Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "katello: pulp admin password logged in plaintext in world-readable katello/production.log",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3538"
},
{
"category": "external",
"summary": "RHBZ#852199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3538",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3538"
}
],
"release_date": "2012-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:32:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1543"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "katello: pulp admin password logged in plaintext in world-readable katello/production.log"
},
{
"acknowledgments": [
{
"names": [
"Kurt Seifried"
],
"organization": "Red Hat Security Response Team",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2012-4574",
"discovery_date": "2012-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "872487"
}
],
"notes": [
{
"category": "description",
"text": "Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pulp /etc/pulp/pulp.conf world readable, contains default admin password",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-4574"
},
{
"category": "external",
"summary": "RHBZ#872487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872487"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-4574",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4574"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4574",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4574"
}
],
"release_date": "2012-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:32:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1543"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pulp /etc/pulp/pulp.conf world readable, contains default admin password"
},
{
"acknowledgments": [
{
"names": [
"Lukas Zapletal"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2012-5603",
"discovery_date": "2012-05-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "882129"
}
],
"notes": [
{
"category": "description",
"text": "proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users\u0027 settings via unspecified vectors related to the \"consumer UUID\" of a system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Katello: lack of authorization in proxies_controller.rb",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-5603"
},
{
"category": "external",
"summary": "RHBZ#882129",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882129"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-5603",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5603"
}
],
"release_date": "2012-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:32:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1543"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Katello: lack of authorization in proxies_controller.rb"
},
{
"acknowledgments": [
{
"names": [
"James Labocki"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2012-5605",
"discovery_date": "2012-06-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "882138"
}
],
"notes": [
{
"category": "description",
"text": "Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grinder: /var/lib/pulp/cache/grinder directory is world-writeable",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Update Infrastructure 2.1.3 is now in Production 2 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Update Infrastructure Life Cycle: https://access.redhat.com/support/policy/updates/rhui.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-5605"
},
{
"category": "external",
"summary": "RHBZ#882138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882138"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-5605",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5605"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5605",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5605"
}
],
"release_date": "2012-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:32:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1543"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "grinder: /var/lib/pulp/cache/grinder directory is world-writeable"
}
]
}
RHBA-2013:0571
Vulnerability from csaf_redhat - Published: 2013-02-27 16:58 - Updated: 2025-11-21 17:20Summary
Red Hat Bug Fix Advisory: Red Hat Update Infrastructure 2.1.1 bug fix update
Severity
Moderate
Notes
Topic: Updated Red Hat Update Infrastructure 2.1.1 packages that fix several bugs are now available.
Details: Red Hat Update Infrastructure (RHUI) is a collection of technologies that offers cloud providers the ability to easily deploy Red Hat solutions into their environments. The rh-rhui-tools package has a series of tools necessary to configure the RHUI.
View a full list of bug fixes in this release in the Red Hat Update Infrastructure Technical Notes:
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Update_Infrastructure/2.1/html/Technical_Notes/chap-Red_Hat_Update_Infrastructure-Technical_Notes-RHBA-2013_14489-02.html
All users of the Red Hat Update Infrastructure are advised to upgrade to this updated package, which fixes these bugs.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.
4.9 ()
Vendor Fix
For details on how to update to RHUI 2.1.1, see the RHUI Administration Guide, section "Updating Red Hat Update Infrastructure". The Administration Guide is available from https://access.redhat.com/knowledge/docs/
https://access.redhat.com/errata/RHBA-2013:0571
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Red Hat Security Response Team
Kurt Seifried
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Red Hat Update Infrastructure 2.1.1 packages that fix several bugs are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Update Infrastructure (RHUI) is a collection of technologies that offers cloud providers the ability to easily deploy Red Hat solutions into their environments. The rh-rhui-tools package has a series of tools necessary to configure the RHUI.\n\nView a full list of bug fixes in this release in the Red Hat Update Infrastructure Technical Notes:\n\nhttps://access.redhat.com/knowledge/docs/en-US/Red_Hat_Update_Infrastructure/2.1/html/Technical_Notes/chap-Red_Hat_Update_Infrastructure-Technical_Notes-RHBA-2013_14489-02.html\n\nAll users of the Red Hat Update Infrastructure are advised to upgrade to this updated package, which fixes these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2013:0571",
"url": "https://access.redhat.com/errata/RHBA-2013:0571"
},
{
"category": "external",
"summary": "811796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=811796"
},
{
"category": "external",
"summary": "815975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=815975"
},
{
"category": "external",
"summary": "821319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=821319"
},
{
"category": "external",
"summary": "833007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833007"
},
{
"category": "external",
"summary": "845941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845941"
},
{
"category": "external",
"summary": "847080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847080"
},
{
"category": "external",
"summary": "847306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847306"
},
{
"category": "external",
"summary": "848885",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848885"
},
{
"category": "external",
"summary": "856637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=856637"
},
{
"category": "external",
"summary": "860494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860494"
},
{
"category": "external",
"summary": "862016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=862016"
},
{
"category": "external",
"summary": "865822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865822"
},
{
"category": "external",
"summary": "867803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=867803"
},
{
"category": "external",
"summary": "871497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=871497"
},
{
"category": "external",
"summary": "876423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=876423"
},
{
"category": "external",
"summary": "879546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=879546"
},
{
"category": "external",
"summary": "892394",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892394"
},
{
"category": "external",
"summary": "902557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=902557"
},
{
"category": "external",
"summary": "908639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=908639"
},
{
"category": "external",
"summary": "910707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=910707"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhba-2013_0571.json"
}
],
"title": "Red Hat Bug Fix Advisory: Red Hat Update Infrastructure 2.1.1 bug fix update",
"tracking": {
"current_release_date": "2025-11-21T17:20:57+00:00",
"generator": {
"date": "2025-11-21T17:20:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHBA-2013:0571",
"initial_release_date": "2013-02-27T16:58:22+00:00",
"revision_history": [
{
"date": "2013-02-27T16:58:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-02-27T16:58:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:20:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHUI for RHEL 6",
"product": {
"name": "RHUI for RHEL 6",
"product_id": "RHUI for RHEL 6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhui:2::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Update Infrastructure"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Kurt Seifried"
],
"organization": "Red Hat Security Response Team",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2012-4574",
"discovery_date": "2012-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "872487"
}
],
"notes": [
{
"category": "description",
"text": "Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pulp /etc/pulp/pulp.conf world readable, contains default admin password",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHUI for RHEL 6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-4574"
},
{
"category": "external",
"summary": "RHBZ#872487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872487"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-4574",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4574"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4574",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4574"
}
],
"release_date": "2012-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-27T16:58:22+00:00",
"details": "For details on how to update to RHUI 2.1.1, see the RHUI Administration Guide, section \"Updating Red Hat Update Infrastructure\". The Administration Guide is available from https://access.redhat.com/knowledge/docs/",
"product_ids": [
"RHUI for RHEL 6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2013:0571"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"products": [
"RHUI for RHEL 6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pulp /etc/pulp/pulp.conf world readable, contains default admin password"
}
]
}
RHSA-2012_1543
Vulnerability from csaf_redhat - Published: 2012-12-04 19:32 - Updated: 2024-11-22 05:57Summary
Red Hat Security Advisory: CloudForms System Engine 1.1 update
Severity
Important
Notes
Topic: Updated CloudForms System Engine packages that fix multiple security
issues, several bugs, and add enhancements are now available.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details: Red Hat CloudForms is an on-premise hybrid cloud
Infrastructure-as-a-Service (IaaS) product that lets you create and manage
private and public clouds.
This update fixes bugs in and adds enhancements to the System Engine
packages, and upgrades the system to CloudForms 1.1.
This update also fixes the following security issues:
It was discovered that Katello did not properly check user permissions when
handling certain requests. An authenticated remote attacker could use this
flaw to download consumer certificates or change settings of other users'
systems if they knew the target system's UUID. (CVE-2012-5603)
It was discovered that Pulp logged administrative passwords to a world
readable log file. A local attacker could use this flaw to control systems
deployed and managed by CloudForms. (CVE-2012-3538)
It was discovered that the Pulp configuration file pulp.conf was installed
as world readable. A local attacker could use this flaw to view the
administrative password, allowing them to control systems deployed and
managed by CloudForms. (CVE-2012-4574)
It was discovered that grinder used insecure permissions for its cache
directory. A local attacker could use this flaw to access or modify files
in the cache. (CVE-2012-5605)
The CVE-2012-5603 issue was discovered by Lukas Zapletal of Red Hat;
CVE-2012-3538 was discovered by James Laska of Red Hat; CVE-2012-4574 was
discovered by Kurt Seifried of Red Hat; and CVE-2012-5605 was discovered by
James Labocki of Red Hat.
After upgrading to these new packages, follow the instructions in the "4.1.
Upgrading CloudForms System Engine" section of the CloudForms 1.1
Installation Guide:
https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Installation_Guide/index.html
To view the full list of changes in this update, view the CloudForms
Technical Notes:
https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Technical_Notes/index.html
Users are advised to upgrade to these updated CloudForms System Engine
packages, which resolve these issues and add these enhancements.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log.
4.9 ()
Vendor Fix
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
https://access.redhat.com/errata/RHSA-2012:1543
Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.
4.9 ()
Vendor Fix
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
https://access.redhat.com/errata/RHSA-2012:1543
proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system.
5.5 ()
Vendor Fix
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
https://access.redhat.com/errata/RHSA-2012:1543
Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files.
4.6 ()
Vendor Fix
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
https://access.redhat.com/errata/RHSA-2012:1543
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Red Hat
James Laska
Red Hat Security Response Team
Kurt Seifried
Red Hat
Lukas Zapletal
Red Hat
James Labocki
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated CloudForms System Engine packages that fix multiple security\nissues, several bugs, and add enhancements are now available.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat CloudForms is an on-premise hybrid cloud\nInfrastructure-as-a-Service (IaaS) product that lets you create and manage\nprivate and public clouds.\n\nThis update fixes bugs in and adds enhancements to the System Engine\npackages, and upgrades the system to CloudForms 1.1.\n\nThis update also fixes the following security issues:\n\nIt was discovered that Katello did not properly check user permissions when\nhandling certain requests. An authenticated remote attacker could use this\nflaw to download consumer certificates or change settings of other users\u0027\nsystems if they knew the target system\u0027s UUID. (CVE-2012-5603)\n\nIt was discovered that Pulp logged administrative passwords to a world\nreadable log file. A local attacker could use this flaw to control systems\ndeployed and managed by CloudForms. (CVE-2012-3538)\n\nIt was discovered that the Pulp configuration file pulp.conf was installed\nas world readable. A local attacker could use this flaw to view the\nadministrative password, allowing them to control systems deployed and\nmanaged by CloudForms. (CVE-2012-4574)\n\nIt was discovered that grinder used insecure permissions for its cache\ndirectory. A local attacker could use this flaw to access or modify files\nin the cache. (CVE-2012-5605)\n\nThe CVE-2012-5603 issue was discovered by Lukas Zapletal of Red Hat;\nCVE-2012-3538 was discovered by James Laska of Red Hat; CVE-2012-4574 was\ndiscovered by Kurt Seifried of Red Hat; and CVE-2012-5605 was discovered by\nJames Labocki of Red Hat.\n\nAfter upgrading to these new packages, follow the instructions in the \"4.1.\nUpgrading CloudForms System Engine\" section of the CloudForms 1.1\nInstallation Guide:\n\nhttps://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Installation_Guide/index.html\n\nTo view the full list of changes in this update, view the CloudForms\nTechnical Notes:\n\nhttps://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Technical_Notes/index.html\n\nUsers are advised to upgrade to these updated CloudForms System Engine\npackages, which resolve these issues and add these enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2012:1543",
"url": "https://access.redhat.com/errata/RHSA-2012:1543"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Installation_Guide/index.html",
"url": "https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Installation_Guide/index.html"
},
{
"category": "external",
"summary": "https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Technical_Notes/index.html",
"url": "https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Technical_Notes/index.html"
},
{
"category": "external",
"summary": "746765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=746765"
},
{
"category": "external",
"summary": "753128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=753128"
},
{
"category": "external",
"summary": "760180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=760180"
},
{
"category": "external",
"summary": "766694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=766694"
},
{
"category": "external",
"summary": "769559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=769559"
},
{
"category": "external",
"summary": "782954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=782954"
},
{
"category": "external",
"summary": "786176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=786176"
},
{
"category": "external",
"summary": "786226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=786226"
},
{
"category": "external",
"summary": "787184",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=787184"
},
{
"category": "external",
"summary": "787305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=787305"
},
{
"category": "external",
"summary": "789139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=789139"
},
{
"category": "external",
"summary": "789535",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=789535"
},
{
"category": "external",
"summary": "790138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=790138"
},
{
"category": "external",
"summary": "790342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=790342"
},
{
"category": "external",
"summary": "796047",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=796047"
},
{
"category": "external",
"summary": "796972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=796972"
},
{
"category": "external",
"summary": "797299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=797299"
},
{
"category": "external",
"summary": "797321",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=797321"
},
{
"category": "external",
"summary": "797412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=797412"
},
{
"category": "external",
"summary": "799538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=799538"
},
{
"category": "external",
"summary": "800529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800529"
},
{
"category": "external",
"summary": "801454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=801454"
},
{
"category": "external",
"summary": "801580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=801580"
},
{
"category": "external",
"summary": "802925",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=802925"
},
{
"category": "external",
"summary": "803548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=803548"
},
{
"category": "external",
"summary": "803702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=803702"
},
{
"category": "external",
"summary": "803728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=803728"
},
{
"category": "external",
"summary": "803761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=803761"
},
{
"category": "external",
"summary": "804127",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=804127"
},
{
"category": "external",
"summary": "804555",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=804555"
},
{
"category": "external",
"summary": "804610",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=804610"
},
{
"category": "external",
"summary": "804685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=804685"
},
{
"category": "external",
"summary": "805027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=805027"
},
{
"category": "external",
"summary": "805412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=805412"
},
{
"category": "external",
"summary": "805627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=805627"
},
{
"category": "external",
"summary": "805709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=805709"
},
{
"category": "external",
"summary": "805956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=805956"
},
{
"category": "external",
"summary": "806076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806076"
},
{
"category": "external",
"summary": "806078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806078"
},
{
"category": "external",
"summary": "806083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806083"
},
{
"category": "external",
"summary": "806353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806353"
},
{
"category": "external",
"summary": "806879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806879"
},
{
"category": "external",
"summary": "806940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806940"
},
{
"category": "external",
"summary": "806969",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806969"
},
{
"category": "external",
"summary": "807288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=807288"
},
{
"category": "external",
"summary": "807291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=807291"
},
{
"category": "external",
"summary": "807468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=807468"
},
{
"category": "external",
"summary": "807804",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=807804"
},
{
"category": "external",
"summary": "808172",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=808172"
},
{
"category": "external",
"summary": "808437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=808437"
},
{
"category": "external",
"summary": "809259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=809259"
},
{
"category": "external",
"summary": "810378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=810378"
},
{
"category": "external",
"summary": "810945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=810945"
},
{
"category": "external",
"summary": "811556",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=811556"
},
{
"category": "external",
"summary": "811564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=811564"
},
{
"category": "external",
"summary": "812417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=812417"
},
{
"category": "external",
"summary": "813675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=813675"
},
{
"category": "external",
"summary": "815308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=815308"
},
{
"category": "external",
"summary": "815802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=815802"
},
{
"category": "external",
"summary": "816935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=816935"
},
{
"category": "external",
"summary": "817123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=817123"
},
{
"category": "external",
"summary": "818204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=818204"
},
{
"category": "external",
"summary": "818261",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=818261"
},
{
"category": "external",
"summary": "818370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=818370"
},
{
"category": "external",
"summary": "819593",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=819593"
},
{
"category": "external",
"summary": "819941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=819941"
},
{
"category": "external",
"summary": "820373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=820373"
},
{
"category": "external",
"summary": "820385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=820385"
},
{
"category": "external",
"summary": "820624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=820624"
},
{
"category": "external",
"summary": "820626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=820626"
},
{
"category": "external",
"summary": "820630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=820630"
},
{
"category": "external",
"summary": "821345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=821345"
},
{
"category": "external",
"summary": "821644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=821644"
},
{
"category": "external",
"summary": "821929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=821929"
},
{
"category": "external",
"summary": "822119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=822119"
},
{
"category": "external",
"summary": "822484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=822484"
},
{
"category": "external",
"summary": "823688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=823688"
},
{
"category": "external",
"summary": "824069",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824069"
},
{
"category": "external",
"summary": "824581",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824581"
},
{
"category": "external",
"summary": "826581",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826581"
},
{
"category": "external",
"summary": "827087",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827087"
},
{
"category": "external",
"summary": "827108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827108"
},
{
"category": "external",
"summary": "828447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=828447"
},
{
"category": "external",
"summary": "828533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=828533"
},
{
"category": "external",
"summary": "829208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=829208"
},
{
"category": "external",
"summary": "829437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=829437"
},
{
"category": "external",
"summary": "829794",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=829794"
},
{
"category": "external",
"summary": "830176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=830176"
},
{
"category": "external",
"summary": "831664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831664"
},
{
"category": "external",
"summary": "834006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=834006"
},
{
"category": "external",
"summary": "834013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=834013"
},
{
"category": "external",
"summary": "834242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=834242"
},
{
"category": "external",
"summary": "834646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=834646"
},
{
"category": "external",
"summary": "834697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=834697"
},
{
"category": "external",
"summary": "835586",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=835586"
},
{
"category": "external",
"summary": "835591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=835591"
},
{
"category": "external",
"summary": "835875",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=835875"
},
{
"category": "external",
"summary": "836339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=836339"
},
{
"category": "external",
"summary": "836575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=836575"
},
{
"category": "external",
"summary": "837000",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=837000"
},
{
"category": "external",
"summary": "839005",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=839005"
},
{
"category": "external",
"summary": "840616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=840616"
},
{
"category": "external",
"summary": "840624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=840624"
},
{
"category": "external",
"summary": "840625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=840625"
},
{
"category": "external",
"summary": "841000",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841000"
},
{
"category": "external",
"summary": "841289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841289"
},
{
"category": "external",
"summary": "841300",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841300"
},
{
"category": "external",
"summary": "841310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841310"
},
{
"category": "external",
"summary": "841686",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841686"
},
{
"category": "external",
"summary": "841691",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841691"
},
{
"category": "external",
"summary": "841984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841984"
},
{
"category": "external",
"summary": "841998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=841998"
},
{
"category": "external",
"summary": "842003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842003"
},
{
"category": "external",
"summary": "842005",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842005"
},
{
"category": "external",
"summary": "842010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842010"
},
{
"category": "external",
"summary": "842252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842252"
},
{
"category": "external",
"summary": "842256",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842256"
},
{
"category": "external",
"summary": "842271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842271"
},
{
"category": "external",
"summary": "842569",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842569"
},
{
"category": "external",
"summary": "842838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842838"
},
{
"category": "external",
"summary": "842858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842858"
},
{
"category": "external",
"summary": "843059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843059"
},
{
"category": "external",
"summary": "843061",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843061"
},
{
"category": "external",
"summary": "843064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843064"
},
{
"category": "external",
"summary": "843161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843161"
},
{
"category": "external",
"summary": "843165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843165"
},
{
"category": "external",
"summary": "843462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843462"
},
{
"category": "external",
"summary": "843529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843529"
},
{
"category": "external",
"summary": "843845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843845"
},
{
"category": "external",
"summary": "844414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844414"
},
{
"category": "external",
"summary": "844417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844417"
},
{
"category": "external",
"summary": "844678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844678"
},
{
"category": "external",
"summary": "844796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844796"
},
{
"category": "external",
"summary": "844806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844806"
},
{
"category": "external",
"summary": "845060",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845060"
},
{
"category": "external",
"summary": "845096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845096"
},
{
"category": "external",
"summary": "845198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845198"
},
{
"category": "external",
"summary": "845224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845224"
},
{
"category": "external",
"summary": "845576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845576"
},
{
"category": "external",
"summary": "845580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845580"
},
{
"category": "external",
"summary": "845613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845613"
},
{
"category": "external",
"summary": "845668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845668"
},
{
"category": "external",
"summary": "845995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=845995"
},
{
"category": "external",
"summary": "846251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=846251"
},
{
"category": "external",
"summary": "846482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=846482"
},
{
"category": "external",
"summary": "846719",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=846719"
},
{
"category": "external",
"summary": "847002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847002"
},
{
"category": "external",
"summary": "847115",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847115"
},
{
"category": "external",
"summary": "847858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847858"
},
{
"category": "external",
"summary": "848038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848038"
},
{
"category": "external",
"summary": "849224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=849224"
},
{
"category": "external",
"summary": "850342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=850342"
},
{
"category": "external",
"summary": "850790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=850790"
},
{
"category": "external",
"summary": "851080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851080"
},
{
"category": "external",
"summary": "851142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851142"
},
{
"category": "external",
"summary": "851512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851512"
},
{
"category": "external",
"summary": "852006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852006"
},
{
"category": "external",
"summary": "852119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852119"
},
{
"category": "external",
"summary": "852167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852167"
},
{
"category": "external",
"summary": "852199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852199"
},
{
"category": "external",
"summary": "852316",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852316"
},
{
"category": "external",
"summary": "852388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852388"
},
{
"category": "external",
"summary": "852791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852791"
},
{
"category": "external",
"summary": "852804",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852804"
},
{
"category": "external",
"summary": "853056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853056"
},
{
"category": "external",
"summary": "853229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853229"
},
{
"category": "external",
"summary": "853356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853356"
},
{
"category": "external",
"summary": "853445",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853445"
},
{
"category": "external",
"summary": "853995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853995"
},
{
"category": "external",
"summary": "854697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=854697"
},
{
"category": "external",
"summary": "855184",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=855184"
},
{
"category": "external",
"summary": "855267",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=855267"
},
{
"category": "external",
"summary": "855406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=855406"
},
{
"category": "external",
"summary": "856220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=856220"
},
{
"category": "external",
"summary": "857078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857078"
},
{
"category": "external",
"summary": "857230",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857230"
},
{
"category": "external",
"summary": "857274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857274"
},
{
"category": "external",
"summary": "857499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857499"
},
{
"category": "external",
"summary": "857539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857539"
},
{
"category": "external",
"summary": "857550",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857550"
},
{
"category": "external",
"summary": "857574",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857574"
},
{
"category": "external",
"summary": "857720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857720"
},
{
"category": "external",
"summary": "857727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857727"
},
{
"category": "external",
"summary": "857842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857842"
},
{
"category": "external",
"summary": "858011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858011"
},
{
"category": "external",
"summary": "858013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858013"
},
{
"category": "external",
"summary": "858038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858038"
},
{
"category": "external",
"summary": "858193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858193"
},
{
"category": "external",
"summary": "858277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858277"
},
{
"category": "external",
"summary": "858358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858358"
},
{
"category": "external",
"summary": "858360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858360"
},
{
"category": "external",
"summary": "858363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858363"
},
{
"category": "external",
"summary": "858661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858661"
},
{
"category": "external",
"summary": "858678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858678"
},
{
"category": "external",
"summary": "858682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858682"
},
{
"category": "external",
"summary": "858706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858706"
},
{
"category": "external",
"summary": "858960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858960"
},
{
"category": "external",
"summary": "859329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859329"
},
{
"category": "external",
"summary": "859407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859407"
},
{
"category": "external",
"summary": "859415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859415"
},
{
"category": "external",
"summary": "859442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859442"
},
{
"category": "external",
"summary": "859604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859604"
},
{
"category": "external",
"summary": "859784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859784"
},
{
"category": "external",
"summary": "859963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859963"
},
{
"category": "external",
"summary": "860251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860251"
},
{
"category": "external",
"summary": "860421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860421"
},
{
"category": "external",
"summary": "860702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860702"
},
{
"category": "external",
"summary": "860709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860709"
},
{
"category": "external",
"summary": "862441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=862441"
},
{
"category": "external",
"summary": "862997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=862997"
},
{
"category": "external",
"summary": "863187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=863187"
},
{
"category": "external",
"summary": "863252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=863252"
},
{
"category": "external",
"summary": "864216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864216"
},
{
"category": "external",
"summary": "864372",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864372"
},
{
"category": "external",
"summary": "864936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864936"
},
{
"category": "external",
"summary": "864999",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864999"
},
{
"category": "external",
"summary": "865528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865528"
},
{
"category": "external",
"summary": "865811",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865811"
},
{
"category": "external",
"summary": "869575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=869575"
},
{
"category": "external",
"summary": "871086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=871086"
},
{
"category": "external",
"summary": "872096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872096"
},
{
"category": "external",
"summary": "872305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872305"
},
{
"category": "external",
"summary": "872487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872487"
},
{
"category": "external",
"summary": "873850",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=873850"
},
{
"category": "external",
"summary": "874160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=874160"
},
{
"category": "external",
"summary": "874185",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=874185"
},
{
"category": "external",
"summary": "874768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=874768"
},
{
"category": "external",
"summary": "882129",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882129"
},
{
"category": "external",
"summary": "882138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882138"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_1543.json"
}
],
"title": "Red Hat Security Advisory: CloudForms System Engine 1.1 update",
"tracking": {
"current_release_date": "2024-11-22T05:57:26+00:00",
"generator": {
"date": "2024-11-22T05:57:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2012:1543",
"initial_release_date": "2012-12-04T19:32:00+00:00",
"revision_history": [
{
"date": "2012-12-04T19:32:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2012-12-04T19:39:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T05:57:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CloudForms System Engine for RHEL 6 Server",
"product": {
"name": "CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine",
"product_identification_helper": {
"cpe": "cpe:/a:cloudforms_systemengine:1::el6"
}
}
},
{
"category": "product_name",
"name": "CloudForms Tools for RHEL 6 Server",
"product": {
"name": "CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools",
"product_identification_helper": {
"cpe": "cpe:/a:cloudforms_tools:1::el6"
}
}
},
{
"category": "product_name",
"name": "CloudForms Tools for RHEL 5 Server",
"product": {
"name": "CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools",
"product_identification_helper": {
"cpe": "cpe:/a:cloudforms_tools:1::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat CloudForms"
},
{
"branches": [
{
"category": "product_version",
"name": "quartz-0:2.1.5-4.el6cf.noarch",
"product": {
"name": "quartz-0:2.1.5-4.el6cf.noarch",
"product_id": "quartz-0:2.1.5-4.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/quartz@2.1.5-4.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-agent-0:1.1.2-1.el6cf.noarch",
"product": {
"name": "katello-agent-0:1.1.2-1.el6cf.noarch",
"product_id": "katello-agent-0:1.1.2-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-agent@1.1.2-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"product": {
"name": "katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"product_id": "katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-certs-tools@1.1.8-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "grinder-0:0.0.150-1.el6cf.noarch",
"product": {
"name": "grinder-0:0.0.150-1.el6cf.noarch",
"product_id": "grinder-0:0.0.150-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grinder@0.0.150-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "gofer-0:0.66.1-2.el6cf.noarch",
"product": {
"name": "gofer-0:0.66.1-2.el6cf.noarch",
"product_id": "gofer-0:0.66.1-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer@0.66.1-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"product": {
"name": "gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"product_id": "gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer-watchdog@0.66.1-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "gofer-package-0:0.66.1-2.el6cf.noarch",
"product": {
"name": "gofer-package-0:0.66.1-2.el6cf.noarch",
"product_id": "gofer-package-0:0.66.1-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer-package@0.66.1-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-gofer-0:0.66.1-2.el6cf.noarch",
"product": {
"name": "python-gofer-0:0.66.1-2.el6cf.noarch",
"product_id": "python-gofer-0:0.66.1-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-gofer@0.66.1-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"product": {
"name": "rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"product_id": "rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-apipie-rails@0.0.11-3.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"product": {
"name": "candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"product_id": "candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-devel@0.7.8.1-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"product": {
"name": "candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"product_id": "candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-tomcat6@0.7.8.1-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"product": {
"name": "candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"product_id": "candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-selinux@0.7.8.1-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:0.7.8.1-1.el6cf.noarch",
"product": {
"name": "candlepin-0:0.7.8.1-1.el6cf.noarch",
"product_id": "candlepin-0:0.7.8.1-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@0.7.8.1-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-selinux-0:1.1.1-2.el6cf.noarch",
"product": {
"name": "katello-selinux-0:1.1.1-2.el6cf.noarch",
"product_id": "katello-selinux-0:1.1.1-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-selinux@1.1.1-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"product": {
"name": "pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"product_id": "pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp-client-lib@1.1.14-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pulp-common-0:1.1.14-1.el6cf.noarch",
"product": {
"name": "pulp-common-0:1.1.14-1.el6cf.noarch",
"product_id": "pulp-common-0:1.1.14-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp-common@1.1.14-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"product": {
"name": "pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"product_id": "pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp-selinux-server@1.1.14-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pulp-0:1.1.14-1.el6cf.noarch",
"product": {
"name": "pulp-0:1.1.14-1.el6cf.noarch",
"product_id": "pulp-0:1.1.14-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp@1.1.14-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pulp-consumer-0:1.1.14-1.el6cf.noarch",
"product": {
"name": "pulp-consumer-0:1.1.14-1.el6cf.noarch",
"product_id": "pulp-consumer-0:1.1.14-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp-consumer@1.1.14-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pulp-admin-0:1.1.14-1.el6cf.noarch",
"product": {
"name": "pulp-admin-0:1.1.14-1.el6cf.noarch",
"product_id": "pulp-admin-0:1.1.14-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp-admin@1.1.14-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-cli-common-0:1.1.8-12.el6cf.noarch",
"product": {
"name": "katello-cli-common-0:1.1.8-12.el6cf.noarch",
"product_id": "katello-cli-common-0:1.1.8-12.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-cli-common@1.1.8-12.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-cli-0:1.1.8-12.el6cf.noarch",
"product": {
"name": "katello-cli-0:1.1.8-12.el6cf.noarch",
"product_id": "katello-cli-0:1.1.8-12.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-cli@1.1.8-12.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"product": {
"name": "katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"product_id": "katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-cli-tests@1.1.5-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-configure-0:1.1.9-12.el6cf.noarch",
"product": {
"name": "katello-configure-0:1.1.9-12.el6cf.noarch",
"product_id": "katello-configure-0:1.1.9-12.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-configure@1.1.9-12.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"product": {
"name": "katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"product_id": "katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-glue-pulp@1.1.12-22.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-all-0:1.1.12-22.el6cf.noarch",
"product": {
"name": "katello-all-0:1.1.12-22.el6cf.noarch",
"product_id": "katello-all-0:1.1.12-22.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-all@1.1.12-22.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-0:1.1.12-22.el6cf.noarch",
"product": {
"name": "katello-0:1.1.12-22.el6cf.noarch",
"product_id": "katello-0:1.1.12-22.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello@1.1.12-22.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-common-0:1.1.12-22.el6cf.noarch",
"product": {
"name": "katello-common-0:1.1.12-22.el6cf.noarch",
"product_id": "katello-common-0:1.1.12-22.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-common@1.1.12-22.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"product": {
"name": "katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"product_id": "katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-glue-candlepin@1.1.12-22.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-api-docs-0:1.1.12-22.el6cf.noarch",
"product": {
"name": "katello-api-docs-0:1.1.12-22.el6cf.noarch",
"product_id": "katello-api-docs-0:1.1.12-22.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-api-docs@1.1.12-22.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "katello-agent-0:1.1.2-1.el5.noarch",
"product": {
"name": "katello-agent-0:1.1.2-1.el5.noarch",
"product_id": "katello-agent-0:1.1.2-1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-agent@1.1.2-1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-gofer-0:0.66.1-2.el5.noarch",
"product": {
"name": "python-gofer-0:0.66.1-2.el5.noarch",
"product_id": "python-gofer-0:0.66.1-2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-gofer@0.66.1-2.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "gofer-watchdog-0:0.66.1-2.el5.noarch",
"product": {
"name": "gofer-watchdog-0:0.66.1-2.el5.noarch",
"product_id": "gofer-watchdog-0:0.66.1-2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer-watchdog@0.66.1-2.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "gofer-0:0.66.1-2.el5.noarch",
"product": {
"name": "gofer-0:0.66.1-2.el5.noarch",
"product_id": "gofer-0:0.66.1-2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer@0.66.1-2.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "gofer-package-0:0.66.1-2.el5.noarch",
"product": {
"name": "gofer-package-0:0.66.1-2.el5.noarch",
"product_id": "gofer-package-0:0.66.1-2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer-package@0.66.1-2.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "quartz-0:2.1.5-4.el6cf.src",
"product": {
"name": "quartz-0:2.1.5-4.el6cf.src",
"product_id": "quartz-0:2.1.5-4.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/quartz@2.1.5-4.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-agent-0:1.1.2-1.el6cf.src",
"product": {
"name": "katello-agent-0:1.1.2-1.el6cf.src",
"product_id": "katello-agent-0:1.1.2-1.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-agent@1.1.2-1.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-certs-tools-0:1.1.8-1.el6cf.src",
"product": {
"name": "katello-certs-tools-0:1.1.8-1.el6cf.src",
"product_id": "katello-certs-tools-0:1.1.8-1.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-certs-tools@1.1.8-1.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "grinder-0:0.0.150-1.el6cf.src",
"product": {
"name": "grinder-0:0.0.150-1.el6cf.src",
"product_id": "grinder-0:0.0.150-1.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grinder@0.0.150-1.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "gofer-0:0.66.1-2.el6cf.src",
"product": {
"name": "gofer-0:0.66.1-2.el6cf.src",
"product_id": "gofer-0:0.66.1-2.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer@0.66.1-2.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-apipie-rails-0:0.0.11-3.el6cf.src",
"product": {
"name": "rubygem-apipie-rails-0:0.0.11-3.el6cf.src",
"product_id": "rubygem-apipie-rails-0:0.0.11-3.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-apipie-rails@0.0.11-3.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:0.7.8.1-1.el6cf.src",
"product": {
"name": "candlepin-0:0.7.8.1-1.el6cf.src",
"product_id": "candlepin-0:0.7.8.1-1.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@0.7.8.1-1.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-selinux-0:1.1.1-2.el6cf.src",
"product": {
"name": "katello-selinux-0:1.1.1-2.el6cf.src",
"product_id": "katello-selinux-0:1.1.1-2.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-selinux@1.1.1-2.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "pulp-0:1.1.14-1.el6cf.src",
"product": {
"name": "pulp-0:1.1.14-1.el6cf.src",
"product_id": "pulp-0:1.1.14-1.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulp@1.1.14-1.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-cli-0:1.1.8-12.el6cf.src",
"product": {
"name": "katello-cli-0:1.1.8-12.el6cf.src",
"product_id": "katello-cli-0:1.1.8-12.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-cli@1.1.8-12.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-cli-tests-0:1.1.5-2.el6cf.src",
"product": {
"name": "katello-cli-tests-0:1.1.5-2.el6cf.src",
"product_id": "katello-cli-tests-0:1.1.5-2.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-cli-tests@1.1.5-2.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-configure-0:1.1.9-12.el6cf.src",
"product": {
"name": "katello-configure-0:1.1.9-12.el6cf.src",
"product_id": "katello-configure-0:1.1.9-12.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-configure@1.1.9-12.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-0:1.1.12-22.el6cf.src",
"product": {
"name": "katello-0:1.1.12-22.el6cf.src",
"product_id": "katello-0:1.1.12-22.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello@1.1.12-22.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "katello-agent-0:1.1.2-1.el5.src",
"product": {
"name": "katello-agent-0:1.1.2-1.el5.src",
"product_id": "katello-agent-0:1.1.2-1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/katello-agent@1.1.2-1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "gofer-0:0.66.1-2.el5.src",
"product": {
"name": "gofer-0:0.66.1-2.el5.src",
"product_id": "gofer-0:0.66.1-2.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gofer@0.66.1-2.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-0:0.66.1-2.el5.noarch as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch"
},
"product_reference": "gofer-0:0.66.1-2.el5.noarch",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-0:0.66.1-2.el5.src as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:gofer-0:0.66.1-2.el5.src"
},
"product_reference": "gofer-0:0.66.1-2.el5.src",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-package-0:0.66.1-2.el5.noarch as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch"
},
"product_reference": "gofer-package-0:0.66.1-2.el5.noarch",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-watchdog-0:0.66.1-2.el5.noarch as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch"
},
"product_reference": "gofer-watchdog-0:0.66.1-2.el5.noarch",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-agent-0:1.1.2-1.el5.noarch as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch"
},
"product_reference": "katello-agent-0:1.1.2-1.el5.noarch",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-agent-0:1.1.2-1.el5.src as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src"
},
"product_reference": "katello-agent-0:1.1.2-1.el5.src",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gofer-0:0.66.1-2.el5.noarch as a component of CloudForms Tools for RHEL 5 Server",
"product_id": "5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch"
},
"product_reference": "python-gofer-0:0.66.1-2.el5.noarch",
"relates_to_product_reference": "5Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-0:0.66.1-2.el6cf.noarch as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "gofer-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-0:0.66.1-2.el6cf.src as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src"
},
"product_reference": "gofer-0:0.66.1-2.el6cf.src",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-package-0:0.66.1-2.el6cf.noarch as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "gofer-package-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-watchdog-0:0.66.1-2.el6cf.noarch as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-agent-0:1.1.2-1.el6cf.noarch as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch"
},
"product_reference": "katello-agent-0:1.1.2-1.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-agent-0:1.1.2-1.el6cf.src as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src"
},
"product_reference": "katello-agent-0:1.1.2-1.el6cf.src",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gofer-0:0.66.1-2.el6cf.noarch as a component of CloudForms Tools for RHEL 6 Server",
"product_id": "6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "python-gofer-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudTools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:0.7.8.1-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch"
},
"product_reference": "candlepin-0:0.7.8.1-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:0.7.8.1-1.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src"
},
"product_reference": "candlepin-0:0.7.8.1-1.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-devel-0:0.7.8.1-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch"
},
"product_reference": "candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-selinux-0:0.7.8.1-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch"
},
"product_reference": "candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch"
},
"product_reference": "candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-0:0.66.1-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "gofer-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-0:0.66.1-2.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src"
},
"product_reference": "gofer-0:0.66.1-2.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-package-0:0.66.1-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "gofer-package-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gofer-watchdog-0:0.66.1-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grinder-0:0.0.150-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch"
},
"product_reference": "grinder-0:0.0.150-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grinder-0:0.0.150-1.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src"
},
"product_reference": "grinder-0:0.0.150-1.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-0:1.1.12-22.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch"
},
"product_reference": "katello-0:1.1.12-22.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-0:1.1.12-22.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src"
},
"product_reference": "katello-0:1.1.12-22.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-all-0:1.1.12-22.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch"
},
"product_reference": "katello-all-0:1.1.12-22.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-api-docs-0:1.1.12-22.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch"
},
"product_reference": "katello-api-docs-0:1.1.12-22.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-certs-tools-0:1.1.8-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch"
},
"product_reference": "katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-certs-tools-0:1.1.8-1.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src"
},
"product_reference": "katello-certs-tools-0:1.1.8-1.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-cli-0:1.1.8-12.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch"
},
"product_reference": "katello-cli-0:1.1.8-12.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-cli-0:1.1.8-12.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src"
},
"product_reference": "katello-cli-0:1.1.8-12.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-cli-common-0:1.1.8-12.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch"
},
"product_reference": "katello-cli-common-0:1.1.8-12.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-cli-tests-0:1.1.5-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch"
},
"product_reference": "katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-cli-tests-0:1.1.5-2.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src"
},
"product_reference": "katello-cli-tests-0:1.1.5-2.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-common-0:1.1.12-22.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch"
},
"product_reference": "katello-common-0:1.1.12-22.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-configure-0:1.1.9-12.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch"
},
"product_reference": "katello-configure-0:1.1.9-12.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-configure-0:1.1.9-12.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src"
},
"product_reference": "katello-configure-0:1.1.9-12.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-glue-candlepin-0:1.1.12-22.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch"
},
"product_reference": "katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-glue-pulp-0:1.1.12-22.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch"
},
"product_reference": "katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-selinux-0:1.1.1-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch"
},
"product_reference": "katello-selinux-0:1.1.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "katello-selinux-0:1.1.1-2.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src"
},
"product_reference": "katello-selinux-0:1.1.1-2.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-0:1.1.14-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch"
},
"product_reference": "pulp-0:1.1.14-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-0:1.1.14-1.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src"
},
"product_reference": "pulp-0:1.1.14-1.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-admin-0:1.1.14-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch"
},
"product_reference": "pulp-admin-0:1.1.14-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-client-lib-0:1.1.14-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch"
},
"product_reference": "pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-common-0:1.1.14-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch"
},
"product_reference": "pulp-common-0:1.1.14-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-consumer-0:1.1.14-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch"
},
"product_reference": "pulp-consumer-0:1.1.14-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulp-selinux-server-0:1.1.14-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch"
},
"product_reference": "pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gofer-0:0.66.1-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch"
},
"product_reference": "python-gofer-0:0.66.1-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "quartz-0:2.1.5-4.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch"
},
"product_reference": "quartz-0:2.1.5-4.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "quartz-0:2.1.5-4.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src"
},
"product_reference": "quartz-0:2.1.5-4.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch"
},
"product_reference": "rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-apipie-rails-0:0.0.11-3.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
},
"product_reference": "rubygem-apipie-rails-0:0.0.11-3.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"James Laska"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2012-3538",
"discovery_date": "2012-08-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "852199"
}
],
"notes": [
{
"category": "description",
"text": "Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "katello: pulp admin password logged in plaintext in world-readable katello/production.log",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3538"
},
{
"category": "external",
"summary": "RHBZ#852199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=852199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3538",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3538"
}
],
"release_date": "2012-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:32:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1543"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "katello: pulp admin password logged in plaintext in world-readable katello/production.log"
},
{
"acknowledgments": [
{
"names": [
"Kurt Seifried"
],
"organization": "Red Hat Security Response Team",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2012-4574",
"discovery_date": "2012-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "872487"
}
],
"notes": [
{
"category": "description",
"text": "Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pulp /etc/pulp/pulp.conf world readable, contains default admin password",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-4574"
},
{
"category": "external",
"summary": "RHBZ#872487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872487"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-4574",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4574"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4574",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4574"
}
],
"release_date": "2012-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:32:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1543"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pulp /etc/pulp/pulp.conf world readable, contains default admin password"
},
{
"acknowledgments": [
{
"names": [
"Lukas Zapletal"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2012-5603",
"discovery_date": "2012-05-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "882129"
}
],
"notes": [
{
"category": "description",
"text": "proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users\u0027 settings via unspecified vectors related to the \"consumer UUID\" of a system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Katello: lack of authorization in proxies_controller.rb",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-5603"
},
{
"category": "external",
"summary": "RHBZ#882129",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882129"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-5603",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5603"
}
],
"release_date": "2012-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:32:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1543"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Katello: lack of authorization in proxies_controller.rb"
},
{
"acknowledgments": [
{
"names": [
"James Labocki"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2012-5605",
"discovery_date": "2012-06-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "882138"
}
],
"notes": [
{
"category": "description",
"text": "Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grinder: /var/lib/pulp/cache/grinder directory is world-writeable",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Update Infrastructure 2.1.3 is now in Production 2 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Update Infrastructure Life Cycle: https://access.redhat.com/support/policy/updates/rhui.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-5605"
},
{
"category": "external",
"summary": "RHBZ#882138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882138"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-5605",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5605"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5605",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5605"
}
],
"release_date": "2012-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:32:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1543"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-CloudTools:gofer-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-0:0.66.1-2.el5.src",
"5Server-CloudTools:gofer-package-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:gofer-watchdog-0:0.66.1-2.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.noarch",
"5Server-CloudTools:katello-agent-0:1.1.2-1.el5.src",
"5Server-CloudTools:python-gofer-0:0.66.1-2.el5.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-0:0.66.1-2.el6cf.src",
"6Server-CloudTools:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.noarch",
"6Server-CloudTools:katello-agent-0:1.1.2-1.el6cf.src",
"6Server-CloudTools:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-0:0.7.8.1-1.el6cf.src",
"6Server-SystemEngine:candlepin-devel-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-selinux-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:candlepin-tomcat6-0:0.7.8.1-1.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-0:0.66.1-2.el6cf.src",
"6Server-SystemEngine:gofer-package-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:gofer-watchdog-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.noarch",
"6Server-SystemEngine:grinder-0:0.0.150-1.el6cf.src",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-0:1.1.12-22.el6cf.src",
"6Server-SystemEngine:katello-all-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-api-docs-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.noarch",
"6Server-SystemEngine:katello-certs-tools-0:1.1.8-1.el6cf.src",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-0:1.1.8-12.el6cf.src",
"6Server-SystemEngine:katello-cli-common-0:1.1.8-12.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.noarch",
"6Server-SystemEngine:katello-cli-tests-0:1.1.5-2.el6cf.src",
"6Server-SystemEngine:katello-common-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.noarch",
"6Server-SystemEngine:katello-configure-0:1.1.9-12.el6cf.src",
"6Server-SystemEngine:katello-glue-candlepin-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-glue-pulp-0:1.1.12-22.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.noarch",
"6Server-SystemEngine:katello-selinux-0:1.1.1-2.el6cf.src",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-0:1.1.14-1.el6cf.src",
"6Server-SystemEngine:pulp-admin-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-client-lib-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-common-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-consumer-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:pulp-selinux-server-0:1.1.14-1.el6cf.noarch",
"6Server-SystemEngine:python-gofer-0:0.66.1-2.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.noarch",
"6Server-SystemEngine:quartz-0:2.1.5-4.el6cf.src",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-apipie-rails-0:0.0.11-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "grinder: /var/lib/pulp/cache/grinder directory is world-writeable"
}
]
}
GHSA-4VM3-7378-9HC4
Vulnerability from github – Published: 2022-05-17 01:41 – Updated: 2022-05-17 01:41
VLAI?
Details
Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.
{
"affected": [],
"aliases": [
"CVE-2012-4574"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-01-04T22:55:00Z",
"severity": "LOW"
},
"details": "Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.",
"id": "GHSA-4vm3-7378-9hc4",
"modified": "2022-05-17T01:41:54Z",
"published": "2022-05-17T01:41:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4574"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872487"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80548"
},
{
"type": "WEB",
"url": "http://osvdb.org/88138"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1543.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/51472"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/56819"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2012-4574
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2012-4574",
"description": "Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.",
"id": "GSD-2012-4574",
"references": [
"https://access.redhat.com/errata/RHBA-2013:0571",
"https://access.redhat.com/errata/RHSA-2012:1543"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2012-4574"
],
"details": "Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.",
"id": "GSD-2012-4574",
"modified": "2023-12-13T01:20:14.562355Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4574",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://rhn.redhat.com/errata/RHSA-2012-1543.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1543.html"
},
{
"name": "http://secunia.com/advisories/51472",
"refsource": "MISC",
"url": "http://secunia.com/advisories/51472"
},
{
"name": "http://www.securityfocus.com/bid/56819",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/56819"
},
{
"name": "http://osvdb.org/88138",
"refsource": "MISC",
"url": "http://osvdb.org/88138"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80548",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80548"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=872487",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872487"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:cloudforms:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4574"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51472",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51472"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=872487",
"refsource": "MISC",
"tags": [],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872487"
},
{
"name": "RHSA-2012:1543",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1543.html"
},
{
"name": "56819",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/56819"
},
{
"name": "88138",
"refsource": "OSVDB",
"tags": [],
"url": "http://osvdb.org/88138"
},
{
"name": "cloudforms-pulpconf-info-disc(80548)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80548"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-08-29T01:32Z",
"publishedDate": "2013-01-04T22:55Z"
}
}
}
FKIE_CVE-2012-4574
Vulnerability from fkie_nvd - Published: 2013-01-04 22:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | http://osvdb.org/88138 | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1543.html | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/51472 | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/56819 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=872487 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/80548 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/88138 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1543.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51472 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/56819 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=872487 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/80548 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | cloudforms | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:cloudforms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72189D15-3318-45CD-B37E-FD53E4422052",
"versionEndIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file."
},
{
"lang": "es",
"value": "Pulp en Red Hat CloudForms anteriores a v1.1 usa permisos \"world-readable\" en pulp.conf, lo que permite a usuarios locales a leer las contrase\u00f1as administrativas leyendo este fichero."
}
],
"id": "CVE-2012-4574",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-04T22:55:02.087",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/88138"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1543.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51472"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/56819"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872487"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/88138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1543.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/56819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=872487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80548"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…