CVE-2014-0241

CWE-522Insufficiently Protected CredentialsCWE-732Incorrect Permission Assignment6 documents6 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 71.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Rubygem-hammer CLI Foreman Rubygem-hammer CLI ForemanRedhat Satellite
Timeline
PublishedDec 13
Latest updateMay 17

Description

rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

🔴Vulnerability Details

3
GHSA
GHSA-h459-7mrx-8pvc: rubygem-hammer_cli_foreman: File /etc/hammer/cli2022-05-17
CVEList
CVE-2014-0241: rubygem-hammer_cli_foreman: File /etc/hammer/cli2019-12-13
OSV
postgresql-8.4, postgresql-9.1, postgresql-9.3, postgresql-9.4 vulnerabilities2015-02-11

📋Vendor Advisories

1
Red Hat
rubygem-hammer_cli_foreman: /etc/hammer/cli.modules.d/foreman.yml is world-readable2015-02-18

💬Community

1
Bugzilla
CVE-2014-0241 rubygem-hammer_cli_foreman: /etc/hammer/cli.modules.d/foreman.yml is world-readable2014-05-20