关键漏洞信息 漏洞ID: Bug 1959971 (CVE-2021-3551) 描述: pki-server Dogtag installer "pkispawn" logs admin credentials into a world-readable log file 状态: CLOSED ERRATA 产品: Security Response 组件: vulnerability 优先级: high 严重性: high 操作系统: Linux 影响版本: pki-core 10.10 修复版本: pki-core 10.10.6 报告日期: 2021-05-12 18:17 UTC 最后关闭日期: 2021-06-03 11:32:12 UTC 详细描述 问题: When the pkispawn command is run in debug mode, admin credentials are stored in the installation log file, which is world readable. 修复情况: This issue has been addressed in Red Hat Enterprise Linux 8 via RHSA-2021:2235. 相关链接 RHSA-2021:2235 CVE-2021-3551