CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
50.4%
Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords in an error message when a system registration XML-RPC call fails, which allows remote administrators to obtain the password by reading (1) the server log and (2) an email.
Vendor | Product | Version | CPE |
---|---|---|---|
redhat | network_proxy | 5.4 | cpe:2.3:a:redhat:network_proxy:5.4:*:*:*:*:*:*:* |
redhat | satellite | 5.4 | cpe:2.3:a:redhat:satellite:5.4:*:*:*:*:*:*:* |