Описание
The domain management tool (rhevm-manage-domains) in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier, when the validate action is enabled, logs the administrative password to a world-readable log file, which allows local users to obtain sensitive information by reading this file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Virtualization 2 | ovirt-engine-config | Not affected | ||
| RHEV Manager version 3.1 | org.ovirt.engine-root | Fixed | RHSA-2013:0211 | 04.02.2013 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.7 Medium
CVSS2
Связанные уязвимости
The domain management tool (rhevm-manage-domains) in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier, when the validate action is enabled, logs the administrative password to a world-readable log file, which allows local users to obtain sensitive information by reading this file.
The domain management tool (rhevm-manage-domains) in Red Hat Enterpris ...
The domain management tool (rhevm-manage-domains) in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier, when the validate action is enabled, logs the administrative password to a world-readable log file, which allows local users to obtain sensitive information by reading this file.
EPSS
4.7 Medium
CVSS2