{"api_version":"1","generated_at":"2026-04-09T20:32:56+00:00","cve":"CVE-2012-5562","urls":{"html":"https://cve.report/CVE-2012-5562","api":"https://cve.report/api/cve/CVE-2012-5562.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2012-5562","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2012-5562"},"summary":{"title":"Rhn-proxy: rhn-satellite: rhn-proxy: information disclosure via clear-text credential transmission when accessing rhn satellite","description":"A flaw was found in rhn-proxy. This vulnerability may allow the rhn-proxy to transmit user credentials in clear-text when it accesses RHN Satellite. This could lead to information disclosure, where sensitive authentication details are exposed to unauthorized parties.","state":"PUBLISHED","assigner":"redhat","published_at":"2019-12-02 19:15:11","updated_at":"2026-04-09 18:16:40"},"problem_types":["CWE-319","CWE-319 Cleartext Transmission of Sensitive Information"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Secondary","score":"6.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"secalert@redhat.com","type":"Primary","score":"8.6","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"8.6","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":8.6,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","version":"3.1"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"3.3","severity":"","vector":"AV:A/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:N/A:N","baseScore":3.3,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-5562","name":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-5562","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"],"title":"Bug 850953 – VUL-1: CVE-2012-5562: spacewalk: rhn-proxy: may transmit credentials over clear-text","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/security/cve/CVE-2012-5562","name":"https://access.redhat.com/security/cve/CVE-2012-5562","refsource":"secalert@redhat.com","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":""},{"url":"https://access.redhat.com/security/cve/cve-2012-5562","name":"https://access.redhat.com/security/cve/cve-2012-5562","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"CVE-2012-5562 - Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5562","name":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5562","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"],"title":"879369 – (CVE-2012-5562) CVE-2012-5562 rhn-proxy: may transmit credentials over clear-text","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2012-5562","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5562","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Red Hat","product":"Red Hat Satellite 6","version":"","platforms":[]}],"timeline":[{"source":"CNA","time":"2026-04-02T15:02:44.461Z","lang":"en","value":"Reported to Red Hat."},{"source":"CNA","time":"2019-12-02T18:12:41.000Z","lang":"en","value":"Made public."}],"solutions":[],"workarounds":[{"source":"CNA","title":"","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.","time":"","lang":"en"}],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2012","cve_id":"5562","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"satellite","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T21:14:16.046Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5562"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-5562"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://access.redhat.com/security/cve/cve-2012-5562"}],"title":"CVE Program Container"}],"cna":{"affected":[{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:satellite:6"],"defaultStatus":"unknown","packageName":"satellite","product":"Red Hat Satellite 6","vendor":"Red Hat"}],"datePublic":"2019-12-02T18:12:41.000Z","descriptions":[{"lang":"en","value":"A flaw was found in rhn-proxy. This vulnerability may allow the rhn-proxy to transmit user credentials in clear-text when it accesses RHN Satellite. This could lead to information disclosure, where sensitive authentication details are exposed to unauthorized parties."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Important"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":8.6,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-319","description":"Cleartext Transmission of Sensitive Information","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-09T17:26:56.549Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2012-5562"},{"url":"https://access.redhat.com/security/cve/cve-2012-5562"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5562"},{"url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-5562"}],"timeline":[{"lang":"en","time":"2026-04-02T15:02:44.461Z","value":"Reported to Red Hat."},{"lang":"en","time":"2019-12-02T18:12:41.000Z","value":"Made public."}],"title":"Rhn-proxy: rhn-satellite: rhn-proxy: information disclosure via clear-text credential transmission when accessing rhn satellite","workarounds":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}],"x_generator":{"engine":"cvelib 1.8.0"},"x_redhatCweChain":"CWE-319: Cleartext Transmission of Sensitive Information"}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2012-5562","datePublished":"2019-12-02T18:12:41.000Z","dateReserved":"2012-10-24T00:00:00.000Z","dateUpdated":"2026-04-09T17:26:56.549Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2019-12-02 19:15:11","lastModifiedDate":"2026-04-09 18:16:40","problem_types":["CWE-319","CWE-319 Cleartext Transmission of Sensitive Information"],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:N/A:N","baseScore":3.3,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.5,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionEndExcluding":"5.6","matchCriteriaId":"217BC7BB-97DA-439C-AE47-48DE1289B43A"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2012","CveId":"5562","Ordinal":"1","Title":"Rhn-proxy: rhn-satellite: rhn-proxy: information disclosure via ","CVE":"CVE-2012-5562","Year":"2012"},"notes":[{"CveYear":"2012","CveId":"5562","Ordinal":"1","NoteData":"A flaw was found in rhn-proxy. This vulnerability may allow the rhn-proxy to transmit user credentials in clear-text when it accesses RHN Satellite. This could lead to information disclosure, where sensitive authentication details are exposed to unauthorized parties.","Type":"Description","Title":"Rhn-proxy: rhn-satellite: rhn-proxy: information disclosure via "},{"CveYear":"2012","CveId":"5562","Ordinal":"2","NoteData":"2019-12-02","Type":"Other","Title":"Published"},{"CveYear":"2012","CveId":"5562","Ordinal":"3","NoteData":"2019-12-02","Type":"Other","Title":"Modified"}]}}}