CVE-2008-2368

Impact:
Moderate
Public Date:
2009-01-15
Bugzilla:
452000: CVE-2008-2368 Certificate System: plain text passwords stored in debug log

The MITRE CVE dictionary describes this issue as:

Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these files, which allows local users to discover passwords by reading the files.

Find out more about CVE-2008-2368 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Certificate System 7.2 for 4AS RHSA-2009:0006 2009-01-15
Red Hat Certificate System 7.3 for 4AS RHSA-2009:0007 2009-01-29

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.