Red Hat Network (RHN) Configuration Client (rhncfg-client) in rhncfg before 5.10.27-8 uses weak permissions (world-readable) for /var/log/rhncfg-actions, which allows local users to obtain sensitive information about the rhncfg-client actions by reading the file.
References
Configurations
History
No history.
Information
Published : 2012-10-22 23:55
Updated : 2024-02-28 12:00
NVD link : CVE-2012-2679
Mitre link : CVE-2012-2679
CVE.ORG link : CVE-2012-2679
JSON object : View
Products Affected
redhat
- rhncfg
CWE
CWE-264
Permissions, Privileges, and Access Controls