Medium severity5.5NVD Advisory· Published Jun 13, 2017· Updated Jun 17, 2026
CVE-2016-3696
CVE-2016-3696
Description
The pulp-qpid-ssl-cfg script in Pulp before 2.8.5 allows local users to obtain the CA key.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<2.8.5+ 1 more
- (no CPE)range: <2.8.5
- cpe:2.3:a:pulpproject:pulp:*:*:*:*:*:*:*:*range: <=2.8.4
- cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
5- pulp.plan.io/issues/1854nvdIssue TrackingVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
- docs.pulpproject.org/user-guide/release-notes/2.8.x.htmlnvdPermissions Required
- access.redhat.com/errata/RHSA-2018:0336nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YM2LCC7QBRCK4LTN5EZT5OHTVAR3MYTY/nvd
News mentions
0No linked articles in our index yet.