CVE-2016-9593
Severity CVSS v4.0:
Pending analysis
Type:
CWE-522
Insufficiently Protected Credentials
Publication date:
16/04/2018
Last modified:
17/06/2026
Description
foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. An attacker with access to the foreman log file would be able to view passwords, allowing them to access those systems.
Impact
Base Score 3.x
4.70
Severity 3.x
MEDIUM
Base Score 2.0
4.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:* | 1.15.0 (excluding) | |
| cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page



