CVE-2014-0199CVE-2014-0199

Affected configuration(s):

cpe:/a:redhat:rhevm-reports:3.0
cpe:/a:redhat:rhevm-reports:3.1
cpe:/a:redhat:rhevm-reports:3.2
cpe:/a:redhat:rhevm-reports:3.3

Date published: 2014-05-29T10:19:07.487-04:00

Date last modified: 2014-05-30T09:44:09.750-04:00

CVSS Score: 2.1

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://rhn.redhat.com/errata/RHSA-2014-0558.html

Summary: The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports (rhevm-reports) package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.