CVE-2022-2806

Опубликовано: 27 мая 2022

Источник: redhat

CVSS3: 5.1

Описание

It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev

A flaw was found in the ovirt-log-collector, which led to the logging of plaintext passwords in the log file. This flaw allows an attacker with sufficient privileges to read the log file, leading to a loss of confidentiality.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-200

https://bugzilla.redhat.com/show_bug.cgi?id=2080005ovirt-log-collector: RHVM admin password is logged unfiltered

5.1 Medium

CVSS3

Связанные уязвимости

CVE-2022-2806

CVSS3: 5.5

ubuntu

больше 3 лет назад

It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev

CVE-2022-2806

CVSS3: 5.5

nvd

больше 3 лет назад

It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev

CVE-2022-2806

CVSS3: 5.5

msrc

больше 3 лет назад

It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6 ovirt-log-collector-4.4.7-2.el8ev

GHSA-7pf9-7cff-f854

CVSS3: 5.5

github

больше 3 лет назад

sosreport Exposure of Sensitive Information vulnerability

5.1 Medium

CVSS3