Skip to main content
CVE-2012-3538 LOW Monitor

Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Authentication Bypass Cloudforms
NVD
CVSS 2.0
3.3
EPSS
0.2%
CVE-2012-6348 LOW Monitor

Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file,. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Centrify Deployment Manager Centrify Suite
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2012-2696 LOW Monitor

The backend in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1 does not properly check privileges, which allows remote authenticated users to query arbitrary information via a (1) SOAP. Rated low severity (CVSS 2.7), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Enterprise Virtualization Manager
NVD
CVSS 2.0
2.7
EPSS
0.1%
CVE-2012-5605 LOW Monitor

Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Cloudforms
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-4574 LOW Monitor

Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Authentication Bypass Cloudforms
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-5516 LOW Monitor

Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Information Disclosure Enterprise Virtualization Manager
NVD
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy