Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In convert2rhel, there's an ansible playbook named ansible/run-convert2rhel.yml which passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. This could allow unauthorized local users to view the password via the process list while convert2rhel is running. However, this ansible playbook is only an example in the upstream repository and it is not shipped in officially supported versions of convert2rhel.
CVSS Information
N/A
Vulnerability Type
信息暴露
Vulnerability Title
Convert2RHEL 信息泄露漏洞
Vulnerability Description
Convert2RHEL是一个工具。将 Oracle/CentOS/Scientific/Rocky/Alma Linux 自动转换为 Red Hat Enterprise Linux。 Convert2RHEL 存在安全漏洞,该漏洞源于ansible playbook通过命令行界面将凭据传递给convert2rhel。
CVSS Information
N/A
Vulnerability Type
N/A