Lucene search

K
cveMitreCVE-2012-0421
HistoryAug 08, 2012 - 10:26 a.m.

CVE-2012-0421

2012-08-0810:26:18
CWE-200
mitre
web.nvd.nist.gov
33
suse
audit log keeper
cve-2012-0421
suse manager
spacewalk
nvd
security vulnerability
passwords

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

19.8%

The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager and Spacewalk uses world-readable permissions for /etc/auditlog-keeper.conf, which allows local users to obtain passwords by reading this file.

Affected configurations

Nvd
Node
novellsuse_audit_log_keeperRange0.2.1
VendorProductVersionCPE
novellsuse_audit_log_keeper*cpe:2.3:a:novell:suse_audit_log_keeper:*:*:*:*:*:*:*:*

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

19.8%

Related for CVE-2012-0421