CVE-2020-10710

Summary

A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer. This flaw allows an attacker with sufficiently high privileges, such as root, to retrieve the Candlepin plaintext password.

Affected Software

VendorProductVersion RangeStatus
n/aforeman-installerforeman-installer 1.24.1.22affected

Weaknesses

  • CWE-522: CWE-522

ADP Enrichment

CVE Program Container

Additional References

References