RSS   Vulnerabilities for 'Katello installer'   RSS

2014-05-14
 
CVE-2013-4455

CWE-264
 

 
Katello Installer before 0.0.18 uses world-readable permissions for /etc/pki/tls/private/katello-node.key when deploying a child Pulp node, which allows local users to obtain the private key by reading the file.

 

 >>> Vendor: Katello 3 Products
Katello
Katello-configure
Katello installer


Copyright 2019, cxsecurity.com

 

Back to Top