It was discovered that Red Hat Certificate System use insecure default file
permissions on configuration files (such as password.conf) that may contain
authentication credentials or other sensitive information that should only be
accessible to administrative and service users.
This problem allows any local user to read Red Hat Certificate System
This issue was addressed in:
Red Hat Certificate System: