CVE-2010-2241

Description

The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for Red Hat Directory Server 8 before 8.2 use world-readable permissions when creating cache files, which allows local users to obtain sensitive information including passwords for Directory and Administration Server administrative accounts.

Risk Information

Base Score

8.1

MODERATE

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

EPSS Score

Exploitation Probability

0.047

Associated Vulnerability

No records found

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234