Default credentials

2017-04-2017:59:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

oVirt Engine before 4.0.3 does not include DWH_DB_PASSWORD in the list of keys to hide in log files, which allows local users to obtain sensitive password information by reading engine log files.

CPENameOperatorVersion
ovirtle4.0.2

CPE	Name	Operator	Version
	ovirt	le	4.0.2

References

www.securityfocus.com/bid/92665

bugzilla.redhat.com/show_bug.cgi?id=1363816

bugzilla.redhat.com/show_bug.cgi?id=1369793

www.ovirt.org/release/4.0.3/