CVE-2012-0059

EUVD-2012-0097
Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords in an error message when a system registration XML-RPC call fails, which allows remote administrators to obtain the password by reading (1) the server log and (2) an email.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Affected Products (NVD)
VendorProductVersion
redhatnetwork_proxy
5.4
redhatsatellite
5.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2012-0101.html
http://rhn.redhat.com/errata/RHSA-2012-0102.html
http://rhn.redhat.com/errata/RHSA-2012-0101.html
http://rhn.redhat.com/errata/RHSA-2012-0102.html