Medium severity4.9NVD Advisory· Published Feb 5, 2014· Updated Apr 29, 2026

CVE-2012-0059

Description

A flaw was found in Spacewalk-backend. This information disclosure vulnerability occurs when a system registration XML-RPC call fails, causing cleartext user passwords to be included in error messages. Remote administrators can exploit this by reading server logs and emails, leading to the unauthorized disclosure of user passwords.

Affected products

Red Hat/Network Proxy
cpe:2.3:a:redhat:network_proxy:5.4:*:*:*:*:*:*:*
Red Hat/Satellite
cpe:2.3:a:redhat:satellite:5.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

rhn.redhat.com/errata/RHSA-2012-0101.htmlnvdVendor Advisory
rhn.redhat.com/errata/RHSA-2012-0102.htmlnvdVendor Advisory
access.redhat.com/security/cve/CVE-2012-0059nvd

News mentions

No linked articles in our index yet.

cvss	0.319
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000