CVE-2021-3413

MEDIUM Year: 2021
CVSS v3 Score
6.3
Medium
CVSS v2 Score
6.5
Medium
Weakness Type
CWE-200
View all →

Vulnerability Description

A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azure_rm in versions before 2.2.0. A credential leak was identified which will expose Azure Resource Manager's secret key through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Related Vulnerabilities

CVE-2015-6918

MEDIUM
CVSS:6.3(Medium)

salt before 2015.5.5 leaks git usernames and passwords to the log.

CWE-2002015

CVE-2016-0899

MEDIUM
CVSS:6.3(Medium)

EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated users to read the web.config.bak file, and obtain sensitive credential information, by modifying the IIS configuration to set a Cont...

CWE-2002016

CVE-2017-6786

MEDIUM
CVSS:6.3(Medium)

A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affect...

CWE-2002017

CVE-2018-18073

MEDIUM
CVSS:6.3(Medium)

Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.

CWE-2002018

CVE-2019-4140

MEDIUM
CVSS:6.3(Medium)

IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) could allow a local user to replace existing databases by restoring old data. IBM X-Force ID: 158336.

CWE-2002019

CVE-2020-10195

MEDIUM
CVSS:6.3(Medium)

The popup-builder plugin before 3.64.1 for WordPress allows information disclosure and settings modification, leading to in-scope privilege escalation via admin-post actions to com/classes/Actions.php...

CWE-2002020