CVE-2012-0059

Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords in an error message when a system registration XML-RPC call fails, which allows remote administrators to obtain the password by reading (1) the server log and (2) an email.

Published: Feb 5, 2014
Updated: Apr 13, 2023
CVE: CVE-2012-0059
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-310

Affected Software
References

Software	From	Fixed in
redhat / network_proxy	5.4	5.4.x
redhat / satellite	5.4	5.4.x

http://rhn.redhat.com/errata/RHSA-2012-0101.html
http://rhn.redhat.com/errata/RHSA-2012-0102.html

Vulnerability Database

289,599

CVE-2012-0059