ALT Linux Team

Package foreman update in sisyphus on 2020-03-03

ALT-PU-2020-1418-1

Package foreman updated to version 1.24.2-alt1 for branch sisyphus in task 247240.

Closed vulnerabilities

Published: 2022-08-17
Modified: 2024-11-21

CVE-2020-10710

A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer. This flaw allows an attacker with sufficiently high privileges, such as root, to retrieve the Candlepin plaintext password.

Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top