tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux (RHEL) 5, Fedora 9, and Fedora 10 does not log failed authentication attempts to the OpenPegasus CIM server, which makes it easier for remote attackers to avoid detection of password guessing attacks.

Threat-Mapped Scoring

Score: 3.0

Priority: P2 - Serious (High)

• S1 – Steal Customer Account Information

EPSS

Score: 0.01577
Percentile: 0.80754

CVSS Scoring

Affected Products

• cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*
• cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:*:*:*

← Back to Home