Vulnerability Details CVE-2016-4996
discovery-debug in Foreman before 6.2 when the ssh service has been enabled on discovered nodes displays the root password in plaintext in the system journal when used to log in, which allows local users with access to the system journal to obtain the root password by reading the system journal, or by clicking Logs on the console.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.9%
CVSS Severity
CVSS v3 Score 7.0
CVSS v2 Score 1.9
References
Products affected by CVE-2016-4996
-
cpe:2.3:a:redhat:satellite:6.3
-
cpe:2.3:o:redhat:enterprise_linux_server:7.0