8 matches found
CVE-2021-3551
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...
CVE-2021-3551
CVE-2021-3551 is described in connected documents as a vulnerability in the PKI-server where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This allows a local attacker to retrieve the log and obtain the admin password, enabling admin privile...
CentOS 8 : pki-core:10.6 (CESA-2021:2235)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:2235 advisory. - pki-server: Dogtag installer pkispawn logs admin credentials into a world-readable log file CVE-2021-3551 Note that Nessus has not tested for this issue but h...
RHEL 8 : pki-core:10.6 (RHSA-2021:2235)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2235 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: pki-server: Dogtag...
Oracle Linux 8 : pki-core:10.6 (ELSA-2021-2235)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2235 advisory. pki-core 10.10.5-3.0.1 - Remove upstream reference. 10.10.5-3 - Bug 1960146 - CVE-2021-3551 Dogtag installer 'pkispawn' logs admin credentials into a...
pki-core:10.6 security update
pki-core 10.10.5-3.0.1 - Remove upstream reference. 10.10.5-3 - Bug 1960146 - CVE-2021-3551 Dogtag installer 'pkispawn' logs admin credentials into a world-readable log file...
Important: Red Hat Security Advisory: pki-core:10.6 security update
An update for the pki-core:10.6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: pki-core:10.6 security update
The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: pki-server: Dogtag installer "pkispawn" logs admin credentials into a world-readable log file CVE-2021-3551 The PKI installer "pkispawn" logs admin credentials into a...