Cleartext Password Exposure in Spacewalk-backend

Cleartext Password Exposure in Spacewalk-backend

CVE-2012-0059 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords in an error message when a system registration XML-RPC call fails, which allows remote administrators to obtain the password by reading (1) the server log and (2) an email.

Learn more about our Cis Benchmark Audit For Server Software.