CVE-2021-3551

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-3551

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3551.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-3551

Downstream

DEBIAN-CVE-2021-3551

RHSA-2021:2235

UBUNTU-CVE-2021-3551

Related

RLSA-2021:2235

Published

2022-02-16T17:15:11.103Z

Modified

2025-11-20T11:47:29.729321Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1959971

Affected packages

Git / github.com/dogtagpki/pki

Affected ranges

Type: GIT
Repo: https://github.com/dogtagpki/pki
Events: Introduced

61297c6f97cb0e850a76307d1200b4a7c63f001c

Fixed

1c0a7b45225aadc6efde21f92b0103937ae99d6d

Affected versions

v10.*

v10.10.0

v10.10.1

v10.10.2

v10.10.3

v10.10.4

v10.10.5