CVE-2008-4315

EUVD-2008-4296
tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux (RHEL) 5, Fedora 9, and Fedora 10 does not log failed authentication attempts to the OpenPegasus CIM server, which makes it easier for remote attackers to avoid detection of password guessing attacks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
Affected Products (NVD)
VendorProductVersion
redhatenterprise_linux
5.0
redhatenterprise_linux_desktop
5.0
𝑥
= Vulnerable software versions
References
http://osvdb.org/50278
http://secunia.com/advisories/32862
http://www.redhat.com/support/errata/RHSA-2008-1001.html
http://www.securitytracker.com/id?1021281
https://admin.fedoraproject.org/updates/tog-pegasus-2.7.0-7.fc9
https://admin.fedoraproject.org/updates/tog-pegasus-2.7.1-3.fc10
https://bugzilla.redhat.com/show_bug.cgi?id=472017
https://exchange.xforce.ibmcloud.com/vulnerabilities/46830
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9431
http://osvdb.org/50278
http://secunia.com/advisories/32862
http://www.redhat.com/support/errata/RHSA-2008-1001.html
http://www.securitytracker.com/id?1021281
https://admin.fedoraproject.org/updates/tog-pegasus-2.7.0-7.fc9
https://admin.fedoraproject.org/updates/tog-pegasus-2.7.1-3.fc10
https://bugzilla.redhat.com/show_bug.cgi?id=472017
https://exchange.xforce.ibmcloud.com/vulnerabilities/46830
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9431