AI Score
Confidence
High
EPSS
Percentile
5.1%
oVirt Engine before 4.0.3 does not include DWH_DB_PASSWORD in the list of keys to hide in log files, which allows local users to obtain sensitive password information by reading engine log files.
www.securityfocus.com/bid/92665
bugzilla.redhat.com/show_bug.cgi?id=1363816
bugzilla.redhat.com/show_bug.cgi?id=1369793
www.ovirt.org/release/4.0.3/