discovery-debug in Foreman before 6.2 when the ssh service has been enabled on discovered nodes displays the root password in plaintext in the system journal when used to log in, which allows local users with access to the system journal to obtain the root password by reading the system journal, or by clicking Logs on the console.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2017-07-14T20:00:00

Updated: 2024-08-06T00:46:40.228Z

Reserved: 2016-05-24T00:00:00

Link: CVE-2016-4996

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-07-17T13:18:06.170

Modified: 2024-11-21T02:53:23.597

Link: CVE-2016-4996

cve-icon Redhat

Severity : Moderate

Publid Date: 2016-06-22T00:00:00Z

Links: CVE-2016-4996 - Bugzilla