CVE-2014-0201CVE-2014-0201

Affected configuration(s):

cpe:/a:redhat:rhevm-reports:3.0
cpe:/a:redhat:rhevm-reports:3.1
cpe:/a:redhat:rhevm-reports:3.2
cpe:/a:redhat:rhevm-reports:3.3

Date published: 2014-05-29T10:19:07.627-04:00

Date last modified: 2014-05-30T09:47:17.347-04:00

CVSS Score: 2.1

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://rhn.redhat.com/errata/RHSA-2014-0558.html

Summary: ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package (rhevm-reports) before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.