CVE-2021-3551

CWE-312 — Cleartext Storage of Sensitive Info6 documents6 sources

Severity

7.8HIGH

EPSS

0.0%

top 95.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dogtagpki Dogtagpki Fedoraproject Fedora Oracle Linux +9 more

Timeline

PublishedFeb 16

Latest updateFeb 17

Description

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDdogtagpki/dogtagpki10.10.0 — 10.10.6

▶CVEListV5pki-serverpki-core 10.10.6

▶NVDoracle/linux8

Also affects: Fedora 33, 34, Enterprise Linux 8.0, 8.4

Patches

Patch: bugzilla.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-9ggg-37fj-xc96: A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file↗2022-02-17

▶

OSV

CVE-2021-3551: A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file↗2022-02-16

▶

CVEList

CVE-2021-3551: A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file↗2022-02-16

▶

📋Vendor Advisories

Red Hat

pki-server: Dogtag installer "pkispawn" logs admin credentials into a world-readable log file↗2021-06-03

▶

Debian

CVE-2021-3551: dogtag-pki - A flaw was found in the PKI-server, where the spkispawn command, when run in deb...↗2021

▶