Plaintext Candlepin password disclosed while updating Red Hat Satellite through satellite-installer. An attacker with sufficiently high privileges, such as root, can retrieve Candlepin plaintext password. References: https://bugzilla.redhat.com/show_bug.cgi?id=1809497
Acknowledgments: Name: Katherine M. Hosch (Louisiana Technical Consulting)