CVE-2016-7062

CWE-255 CWE-2145 documents5 sources

Severity

7.8HIGH

EPSS

0.1%

top 78.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Storage Console Redhat Storage Console Node

Timeline

PublishedJun 27

Latest updateMay 17

Description

rhscon-ceph in Red Hat Storage Console 2 x86_64 and Red Hat Storage Console Node 2 x86_64 allows local users to obtain the password as cleartext.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDredhat/storage_console_node2.0

▶NVDredhat/storage_console2.0

🔴Vulnerability Details

GHSA

GHSA-5wqw-hj4w-m539: rhscon-ceph in Red Hat Storage Console 2 x86_64 and Red Hat Storage Console Node 2 x86_64 allows local users to obtain the password as cleartext↗2022-05-17

▶

CVEList

CVE-2016-7062: rhscon-ceph in Red Hat Storage Console 2 x86_64 and Red Hat Storage Console Node 2 x86_64 allows local users to obtain the password as cleartext↗2017-06-27

▶

📋Vendor Advisories

Red Hat

rhscon-ceph: password leak by command line parameter↗2016-06-14

▶

💬Community

Bugzilla

CVE-2016-7062 rhscon-ceph: password leak by command line parameter↗2016-10-04

▶