16 matches found
EUVD-2019-2178
Malware in sbrugna...
RHSA-2019:2433 Red Hat Security Advisory: cockpit-ovirt security, bug fix, and enhancement update
Bulletin has no description...
Moderate: Red Hat Security Advisory: RHV RHEL Host (ovirt-host) 4.4.z [ovirt-4.4.5] security, bug fix, enhancement
Updated host packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : RHV Host (ovirt-host) 4.4.z security, (Moderate) (RHSA-2021:1184)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:1184 advisory. The ovirt-hosted-engine-setup package provides a self-hosted engine tool for the Red Hat Virtualization Manager. A self-hosted engine is a virtualize...
The vulnerability of the /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var component of the cockpit-ovirt plugin, a software tool for managing virtualization of servers and workstations on Red Hat Virtualization, allows a attacker to expose the credentials of a privileged user.
The vulnerability of the /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var component of the cockpit-ovirt plugin, a software tool for managing virtualization of servers and workstations in Red Hat Virtualization, is related to insufficient protection of registration data...
CVE-2019-10139
During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var which contains the admin and the appliance passwords as plain-text. At the of the deployment procedure, these files are deleted...
Information Disclosure
cockpit-ovirt is vulnerable to information disclosure. The admin and appliance passwords are saved in plaintext variable file during HE deployment...
cockpit-ovirt: admin and appliance passwords saved in plain text variable file during HE deployment
A credential-protection flaw was found in cockpit-ovirt. During deployment, it generated an ansible variable file /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var which contained both admin and appliance passwords as plain-text. Although these files are deleted at the end of th...
Moderate: Red Hat Security Advisory: cockpit-ovirt security, bug fix, and enhancement update
An update for cockpit-ovirt is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
cockpit-ovirt: admin and appliance passwords saved in plain text variable file during HE deployment
A credential-protection flaw was found in cockpit-ovirt. During deployment, it generated an ansible variable file /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var which contained both admin and appliance passwords as plain-text. Although these files are deleted at the end of th...
cockpit-ovirt information disclosure vulnerability
cockpit-ovirt is a system administration tool. An information disclosure vulnerability exists in cockpit-ovirt. The vulnerability stems from the lack of an effective trust management mechanism in a networked system or product. An attacker can exploit default passwords or hard-coded passwords,...
CVE-2019-10139
During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var which contains the admin and the appliance passwords as plain-text. At the of the deployment procedure, these files are deleted...
Code injection
During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var which contains the admin and the appliance passwords as plain-text. At the of the deployment procedure, these files are deleted...
CVE-2019-10139
CVE-2019-10139 affects cockpit-ovirt: during hosted engine deployment, cockpit-ovirt creates an ansibleVarFileXXXXXX.var containing admin and appliance passwords in plain text at /var/lib/ovirt-hosted-engine-setup/cockpit/. These files are deleted at the end of deployment, but during exposure the...
CVE-2019-10139
During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var which contains the admin and the appliance passwords as plain-text. At the of the deployment procedure, these files are deleted...
PT-2019-5508 · Red Hat · Cockpit-Ovirt
Name of the Vulnerable Software and Affected Versions: cockpit-ovirt affected versions not specified Description: The issue is related to insufficient protection of registration data in the cockpit-ovirt plugin of the Red Hat Virtualization management software. During HE deployment, an Ansible...