CVE-2016-4996

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2016-4996

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-4996.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-4996

Downstream

RHSA-2018:0336

Published

2017-07-17T13:18:06.170Z

Modified

2026-03-14T09:19:50.845738Z

Severity

7.0 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

discovery-debug in Foreman before 6.2 when the ssh service has been enabled on discovered nodes displays the root password in plaintext in the system journal when used to log in, which allows local users with access to the system journal to obtain the root password by reading the system journal, or by clicking Logs on the console.

References

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-4996.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "6.3"
            }
        ]
    }
]