CVE-2020-10710

CVE-2020-10710

Vendor N/A
Product foreman-installer
Weakness CWE-522 · Insufficiently protected credentials
Published August 16, 2022
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer. This flaw allows an attacker with sufficiently high privileges, such as root, to retrieve the Candlepin plaintext password.

Key dates

02Disclosure timeline

August 16, 2022 CVE published
August 4, 2024 Record updated