exploitDog

CVE-2022-2805

Опубликовано: 19 окт. 2022

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.

Ссылки

https://access.redhat.com/security/cve/CVE-2022-2805
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2079545
Issue Tracking
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2022-2805
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2079545
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 30%

0.00111

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-312

CWE-312

Связанные уязвимости

CVE-2022-2805

CVSS3: 5.1

redhat

больше 3 лет назад

A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.

GHSA-r2ff-gw5r-6x3q

CVSS3: 6.5

github

больше 3 лет назад

A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.

EPSS

Процентиль: 30%

0.00111

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-312

CWE-312