Vulnerability Database

296,213

Total vulnerabilities in the database

CVE-2012-2664

The sosreport utility in the Red Hat sos package before 2.2-29 does not remove the root user password information from the Kickstart configuration file (/root/anaconda-ks.cfg) when creating an archive of debugging information, which might allow attackers to obtain passwords or password hashes.

  • Published: Jun 29, 2012
  • Updated: Apr 13, 2023
  • CVE: CVE-2012-2664
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
redhat / sos - 2.2-18.x