CVE-2016-5411

Опубликовано: 13 июн. 2017

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

/var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart Cloud Installer (QCI) before 1.0 GA is created world readable and contains the root password of the deployed system.

Ссылки

http://www.securityfocus.com/bid/92669
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1366412
Issue Tracking
Vendor Advisory
http://www.securityfocus.com/bid/92669
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1366412
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:redhat:quickstart_cloud_installer:0.9:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:-:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00413

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-255

Связанные уязвимости

CVE-2016-5411

CVSS3: 7.1

redhat

больше 9 лет назад

/var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart Cloud Installer (QCI) before 1.0 GA is created world readable and contains the root password of the deployed system.

GHSA-3qwq-p88c-9vwf

CVSS3: 9.8

github

больше 3 лет назад

/var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart Cloud Installer (QCI) before 1.0 GA is created world readable and contains the root password of the deployed system.

EPSS

Процентиль: 61%

0.00413

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-255