12 matches found
EUVD-2014-0235
Malware in sbrugna...
EUVD-2022-24948
Malicious code in bioql PyPI...
RHSA-2016:2592 Red Hat Security Advisory: subscription-manager security, bug fix, and enhancement update
Bulletin has no description...
CVE-2022-1662
In convert2rhel, there's an ansible playbook named ansible/run-convert2rhel.yml which passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. This could allow unauthorized local users to view the password via the process list while convert2rhel is running. However, this...
Default credentials
In convert2rhel, there's an ansible playbook named ansible/run-convert2rhel.yml which passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. This could allow unauthorized local users to view the password via the process list while convert2rhel is running. However, this...
CVE-2022-1662
In convert2rhel, there's an ansible playbook named ansible/run-convert2rhel.yml which passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. This could allow unauthorized local users to view the password via the process list while convert2rhel is running. However, this...
CVE-2022-1662
In CVE-2022-1662, the issue is that an Ansible playbook (ansible/run-convert2rhel.yml) for convert2rhel passes the Red Hat Subscription Manager password via the CLI, enabling unauthorized local users to view the password in the process list during execution. This affects convert2rhel when the ups...
CVE-2022-1662
A flaw was found in convert2rhel, where an Ansible playbook named ansible/run-convert2rhel.yml passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. This flaw allows unauthorized local users to view the password via the process list while convert2rhel is running...
CVE-2021-3585
A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager...
Low: Red Hat Security Advisory: Red Hat Storage 2.1 security, bug fix, and enhancement update
Updated glusterfs, geo-replication, and native client packages that fix one security issue, several bugs, and adds an enhancement are now available Red Hat Storage 2.1. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base...
CVE-2012-6137
rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials...
Code injection
rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials...