CVE-2014-0200CVE-2014-0200

Affected configuration(s):

cpe:/a:redhat:rhevm-reports:3.0
cpe:/a:redhat:rhevm-reports:3.1
cpe:/a:redhat:rhevm-reports:3.2
cpe:/a:redhat:rhevm-reports:3.3
cpe:/a:redhat:rhevm-reports:3.3.3

Date published: 2014-05-29T10:19:07.567-04:00

Date last modified: 2014-05-30T09:46:13.080-04:00

CVSS Score: 2.1

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://rhn.redhat.com/errata/RHSA-2014-0558.html

Summary: The Red Hat Enterprise Virtualization Manager reports (rhevm-reports) package before 3.3.3-1 uses world-readable permissions on the datasource configuration file (js-jboss7-ds.xml), which allows local users to obtain sensitive information by reading the file.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.