CVE-2012-3538 Information

Description

Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file which allows local users to read pulp administrative passwords by reading production.log.

Reference

http://osvdb.org/88139 http://rhn.redhat.com/errata/RHSA-2012-1543.html http://secunia.com/advisories/51472 http://www.securityfocus.com/bid/56819 https://exchange.xforce.ibmcloud.com/vulnerabilities/80547