Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
It was discovered that a world-readable log file belonging to Candlepin component of Red Hat Satellite 6.4 leaked the credentials of the Candlepin database. A malicious user with local access to a Satellite host can use those credentials to modify the database and prevent Satellite from fetching package updates, thus preventing all Satellite hosts from accessing those updates.
CVSS Information
N/A
Vulnerability Type
通过日志文件的信息暴露
Vulnerability Title
Red Hat Satellite Candlepin组件日志信息泄露漏洞
Vulnerability Description
Red Hat Satellite是美国红帽(Red Hat)公司的一套系统管理平台。该平台可用于扩展Linux基础架构,并提供系统管理功能,如管理、配置和监控。Candlepin是其中的一个用于处理订阅管理的服务组件。 Red Hat Satellite 6.4版本中的Candlepin组件存在日志信息泄露漏洞。该漏洞源于网络系统或产品的日志文件非正常输出。
CVSS Information
N/A
Vulnerability Type
N/A