CVE-2008-4315
Description
tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux (RHEL) 5, Fedora 9, and Fedora 10 does not log failed authentication attempts to the OpenPegasus CIM server, which makes it easier for remote attackers to avoid detection of password guessing attacks.
Risk Information
Base Score
9.1
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
1.577
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2008:1001) Important: tog-pegasus security update tog-pegasus-2.7.0-2.el5_2.1.i386.rpm | Linux |
| (RHSA-2008:1001) Important: tog-pegasus security update tog-pegasus-2.7.0-2.el5_2.1.x86_64.rpm | Linux |
| (RHSA-2008:1001) Important: tog-pegasus security update tog-pegasus-devel-2.7.0-2.el5_2.1.i386.rpm | Linux |
| (RHSA-2008:1001) Important: tog-pegasus security update tog-pegasus-devel-2.7.0-2.el5_2.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234