Vulnerabilities > CVE-2016-9593 - Credentials Management vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. An attacker with access to the foreman log file would be able to view passwords, allowing them to access those systems.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family | Red Hat Local Security Checks |
NASL id | REDHAT-RHSA-2018-0336.NASL |
description | An update is now available for Red Hat Satellite. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. This update provides Satellite 6.3 packages for Red Hat Enterprise Linux 7 Satellite server. For the full list of new features provided by Satellite 6.3, see the Release Notes linked to in the references section. See the Satellite 6 Installation Guide for detailed instructions on how to install a new Satellite 6.3 environment, or the Satellite 6 Upgrading and Updating guide for detailed instructions on how to upgrade from prior versions of Satellite 6. All users who require Satellite version 6.3 are advised to install these new packages. Security Fix(es) : * V8: integer overflow leading to buffer overflow in Zone::New (CVE-2016-1669) * rubygem-will_paginate: XSS vulnerabilities (CVE-2013-6459) * foreman: models with a |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 107053 |
published | 2018-02-28 |
reporter | This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/107053 |
title | RHEL 7 : Satellite Server (RHSA-2018:0336) |
Redhat
advisories |
| ||||
rpms |
|