dogtagpki dogtagpki CVE-2021-3551 vulnerability in Dogtagpki and Other Products
Published on February 16, 2022

product logo product logo product logo product logo
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.

NVD

Weakness Type

Cleartext Storage of Sensitive Information

The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere. Because the information is stored in cleartext, attackers could potentially read it. Even if the information is encoded in a way that is not human-readable, certain techniques could determine which encoding is being used, then decode the information.


Products Associated with CVE-2021-3551

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-3551 are published in these products:

Dogtagpki
 
Fedora Project Fedora
 
Oracle Linux
 
Red Hat Enterprise Linux (RHEL)
 
Red Hat Enterprise Linux Eus
 
Red Hat Enterprise Linux Ibm Z Systems
 
Red Hat Enterprise Linux Ibm Z Systems Eus
 
Red Hat Enterprise Linux Power Little Endian
 
Red Hat Enterprise Linux Power Little Endian Eus
 
Red Hat Enterprise Linux Server Aus
 
Red Hat Enterprise Linux Server Tus
 
Red Hat Enterprise Linux Server Update Services Sap Solutions
 

Exploit Probability

EPSS
0.02%
Percentile
4.09%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.