Date published: 2014-05-29T10:19:07.627-04:00
Date last modified: 2014-05-30T09:47:17.347-04:00
CVSS Score: 2.1
Principal attack vector: LOCAL
Reference URL: http://rhn.redhat.com/errata/RHSA-2014-0558.html
Summary: ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package (rhevm-reports) before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files.