CVE-2014-0202CVE-2014-0202

Affected configuration(s):

cpe:/a:redhat:rhevm-dwh:3.3.2

Date published: 2014-05-30T10:55:08.817-04:00

Date last modified: 2014-06-26T11:46:06.273-04:00

CVSS Score: 2.1

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://rhn.redhat.com/errata/RHSA-2014-0559.html

Summary: The setup script in ovirt-engine-dwh, as used in the Red Hat Enterprise Virtualization Manager data warehouse (rhevm-dwh) package before 3.3.3, stores the history database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *