CVE-2020-10710

MEDIUM Year: 2020
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-522
View all →

Vulnerability Description

A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer. This flaw allows an attacker with sufficiently high privileges, such as root, to retrieve the Candlepin plaintext password.

Related Vulnerabilities

CVE-2017-12127

MEDIUM
CVSS:4.4(Medium)

A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317. An attacker with shell access could extract passwords in clear text from the device.

CWE-5222017

CVE-2019-0120

MEDIUM
CVSS:4.4(Medium)

Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celer...

CWE-5222019

CVE-2019-0175

MEDIUM
CVSS:4.4(Medium)

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

CWE-5222019

CVE-2019-0179

MEDIUM
CVSS:4.4(Medium)

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

CWE-5222019

CVE-2019-0180

MEDIUM
CVSS:4.4(Medium)

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

CWE-5222019

CVE-2019-11092

MEDIUM
CVSS:4.4(Medium)

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

CWE-5222019