4.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
14.6%
A sensitive information exposure vulnerability was found in foreman. Contents of tomcat’s server.xml file, which contain passwords to candlepin’s keystore and truststore, were found to be world readable.
access.redhat.com/errata/RHSA-2023:7851
access.redhat.com/errata/RHSA-2024:1061
access.redhat.com/security/cve/CVE-2023-4886
bugzilla.redhat.com/show_bug.cgi?id=2230135