The sosreport utility in the Red Hat sos package prior to 1.7-9 and 2.x prior to 2.2-17 includes (1) Certificate-based Red Hat Network private entitlement keys and the (2) private key for the entitlement in an archive of debugging information, which might allow remote malicious users to obtain sensitive information by reading the archive.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat sos 2.2-16 |
||
redhat sos 2.2-9 |
||
redhat sos 2.2-11 |
||
redhat sos 2.2-15 |
||
redhat sos 2.2-3 |
||
redhat sos 2.2-6 |
||
redhat sos 2.2-7 |
||
redhat sos 2.2-8 |
||
redhat sos 2.2-10 |
||
redhat sos 2.2-14 |
||
redhat sos |
||
redhat sos 1.7-8 |
||
redhat sos 1.7 |
||
redhat sos 1.6 |