Vulnerability Details CVE-2012-0059
A flaw was found in Spacewalk-backend. This information disclosure vulnerability occurs when a system registration XML-RPC call fails, causing cleartext user passwords to be included in error messages. Remote administrators can exploit this by reading server logs and emails, leading to the unauthorized disclosure of user passwords.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.1%
CVSS Severity
CVSS v3 Score 4.9
CVSS v2 Score 4.3
References
Products affected by CVE-2012-0059
-
cpe:2.3:a:redhat:network_proxy:5.4
-
cpe:2.3:a:redhat:satellite:5.4