CVE-2019-10194

Опубликовано: 11 июл. 2019

Источник: nvd

CVSS3: 5.9

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts.

Ссылки

http://www.securityfocus.com/bid/109140
Broken Link
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2019:2499
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194
Issue Tracking
Vendor Advisory
http://www.securityfocus.com/bid/109140
Broken Link
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2019:2499
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ovirt:ovirt:*:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*

EPSS

Процентиль: 24%

0.00082

Низкий

5.9 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-532

Связанные уязвимости

CVE-2019-10194

CVSS3: 5.9

redhat

почти 7 лет назад

GHSA-2rxg-f4r2-fm3c

CVSS3: 5.5

github

больше 3 лет назад

EPSS

Процентиль: 24%

0.00082

Низкий

5.9 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-532