CVE-2008-2367

CWE-2645 documents5 sources
Severity
2.1LOW
EPSS
0.0%
top 90.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Certificate System
Timeline
PublishedJan 20
Latest updateMay 1

Description

Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-w7wp-vjg7-vw6c: Red Hat Certificate System 72022-05-01
CVEList
CVE-2008-2367: Red Hat Certificate System 72009-01-20

📋Vendor Advisories

1
Red Hat
System: insecure config file permissions2009-01-15

💬Community

1
Bugzilla
CVE-2008-2367 Certificate System: insecure config file permissions2008-06-18
CVE-2008-2367 (LOW CVSS 2.1) | Red Hat Certificate System 7.2 uses | cvebase.io