5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
72.2%
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL)
5 produces an archive with an fstab file potentially containing cleartext
passwords, and lacks a warning about reviewing this archive to detect
included passwords, which might allow remote attackers to obtain sensitive
information by leveraging access to a technical-support data stream.
Author | Note |
---|---|
tyhicks | Fixed upstream in the 3.2 release |