script/katello-generate-passphrase in Katello 1.1 uses world-readable permissions for /etc/katello/secure/passphrase, which allows local users to obtain the passphrase by reading the file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 26.2%