subscription-manager: information disclosure
| Package(s): | subscription-manager | CVE #(s): | CVE-2016-4455 | ||||||||
| Created: | November 3, 2016 | Updated: | January 10, 2017 | ||||||||
| Description: | From the Red Hat advisory:
It was found that subscription-manager set weak permissions on files in /var/lib/rhsm/, causing an information disclosure. A local, unprivileged user could use this flaw to access sensitive data that could potentially be used in a social engineering attack. | ||||||||||
| Alerts: |
| ||||||||||