6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
oVirt Engine before 4.0.3 does not include DWH_DB_PASSWORD in the list of keys to hide in log files, which allows local users to obtain sensitive password information by reading engine log files.
www.securityfocus.com/bid/92665
bugzilla.redhat.com/show_bug.cgi?id=1363816
bugzilla.redhat.com/show_bug.cgi?id=1369793
www.ovirt.org/release/4.0.3/