13 matches found
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions in the clihistory feature. An attacker can access sensitive command history and API request/response data by reading the history database file if it is created with default permissions on a multi-user Unix...
CVE-2025-7397
A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface CLI in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized...
CVE-2025-7397 CLI history displays inline passwords
A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface CLI in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized...
CVE-2025-7397 CLI history displays inline passwords
A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface CLI in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized...
CVE-2025-7397
The CVE-2025-7397 issue affects Brocade ASCG’s ascgshell prior to version 3.3.0, where commands entered in the CLI history are stored in plain text. This creates a local, authenticated attacker’s risk of exposing passwords or sensitive data via history inspection, leading to unauthorized access a...
CLI history displays inline passwords
A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface CLI in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized...
MGASA-2016-0295 Updated redis packages fix security vulnerability
It was discovered that redis did not properly protect redis-cli history files; they were created by default with world-readable permissions CVE-2013-7458...
CLI: Insecure default permissions on history file
It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not...
CVE-2014-3586
The default configuration for the Command Line Interface in Red Hat Enterprise Application Platform before 6.4.0 and WildFly formerly JBoss Application Server uses weak permissions for .jboss-cli-history, which allows local users to obtain sensitive information via unspecified vectors...
CLI: Insecure default permissions on history file
It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not...
CLI: Insecure default permissions on history file
It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not...
CLI: Insecure default permissions on history file
It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not...
CLI: Insecure default permissions on history file
It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not...