Lucene search
HistoryMar 01, 2013 - 5:40 a.m.
CVE-2012-5561
cve-2012-5561
katello 1.1
security vulnerability
passphrase
file permissions
nvd
6.4 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
script/katello-generate-passphrase in Katello 1.1 uses world-readable permissions for /etc/katello/secure/passphrase, which allows local users to obtain the passphrase by reading the file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| katello:katello | katello | eq | 1.1 |
Related
prion
prion
Design/Logic Flaw
2013-03-01 05:40:00
veracode
veracode
Information Disclosure
2019-01-15 08:58:04
redhat
redhat
(RHSA-2013:0544) Important: Subscription Asset Manager 1.2 update
2013-02-21 00:00:00
nessus
nessus
RHEL 6 : Subscription Asset Manager (RHSA-2013:0544)
2013-03-10 00:00:00
6.4 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2012-5561