Date published: 2014-05-29T10:19:07.487-04:00
Date last modified: 2014-05-30T09:44:09.750-04:00
CVSS Score: 2.1
Principal attack vector: LOCAL
Reference URL: http://rhn.redhat.com/errata/RHSA-2014-0558.html
Summary: The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports (rhevm-reports) package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file.