Lucene search
+L

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2019-2178

Malware in sbrugna...

7.8CVSS5.9AI score0.00245EPSS
Exploits0References5
OSV
OSV
added 2024/09/13 7:52 p.m.25 views

RHSA-2019:2433 Red Hat Security Advisory: cockpit-ovirt security, bug fix, and enhancement update

Bulletin has no description...

5.6CVSS7.7AI score0.00245EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2021/04/14 11:41 a.m.77 views

Moderate: Red Hat Security Advisory: RHV RHEL Host (ovirt-host) 4.4.z [ovirt-4.4.5] security, bug fix, enhancement

Updated host packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.4AI score0.0367EPSS
Exploits2References17
Tenable Nessus
Tenable Nessus
added 2021/04/14 12:0 a.m.81 views

RHEL 8 : RHV Host (ovirt-host) 4.4.z security, (Moderate) (RHSA-2021:1184)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:1184 advisory. The ovirt-hosted-engine-setup package provides a self-hosted engine tool for the Red Hat Virtualization Manager. A self-hosted engine is a virtualize...

7.5CVSS6.3AI score0.0367EPSS
Exploits2References20
BDU FSTEC
BDU FSTEC
added 2020/07/15 12:0 a.m.6 views

The vulnerability of the /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var component of the cockpit-ovirt plugin, a software tool for managing virtualization of servers and workstations on Red Hat Virtualization, allows a attacker to expose the credentials of a privileged user.

The vulnerability of the /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var component of the cockpit-ovirt plugin, a software tool for managing virtualization of servers and workstations in Red Hat Virtualization, is related to insufficient protection of registration data...

7.8CVSS6.4AI score0.00245EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2019/10/09 11:58 a.m.26 views

CVE-2019-10139

During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var which contains the admin and the appliance passwords as plain-text. At the of the deployment procedure, these files are deleted...

7.8CVSS3.2AI score0.00245EPSS
Exploits0References3
Veracode
Veracode
added 2019/08/13 12:29 a.m.33 views

Information Disclosure

cockpit-ovirt is vulnerable to information disclosure. The admin and appliance passwords are saved in plaintext variable file during HE deployment...

7.8CVSS1.7AI score0.00245EPSS
Exploits0References12Affected Software5
RedHat Linux
RedHat Linux
added 2019/08/12 11:56 a.m.4 views

cockpit-ovirt: admin and appliance passwords saved in plain text variable file during HE deployment

A credential-protection flaw was found in cockpit-ovirt. During deployment, it generated an ansible variable file /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var which contained both admin and appliance passwords as plain-text. Although these files are deleted at the end of th...

7.8CVSS7.3AI score0.00245EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/08/12 11:56 a.m.30 views

Moderate: Red Hat Security Advisory: cockpit-ovirt security, bug fix, and enhancement update

An update for cockpit-ovirt is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS6.5AI score0.00245EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2019/08/12 11:56 a.m.5 views

cockpit-ovirt: admin and appliance passwords saved in plain text variable file during HE deployment

A credential-protection flaw was found in cockpit-ovirt. During deployment, it generated an ansible variable file /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var which contained both admin and appliance passwords as plain-text. Although these files are deleted at the end of th...

7.8CVSS7.3AI score0.00245EPSS
Exploits0References4
CNVD
CNVD
added 2019/05/22 12:0 a.m.8 views

cockpit-ovirt information disclosure vulnerability

cockpit-ovirt is a system administration tool. An information disclosure vulnerability exists in cockpit-ovirt. The vulnerability stems from the lack of an effective trust management mechanism in a networked system or product. An attacker can exploit default passwords or hard-coded passwords,...

7.8CVSS6.4AI score0.00245EPSS
Exploits0References1
NVD
NVD
added 2019/05/17 4:29 p.m.25 views

CVE-2019-10139

During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var which contains the admin and the appliance passwords as plain-text. At the of the deployment procedure, these files are deleted...

7.8CVSS6.5AI score0.00245EPSS
Exploits0References4
Prion
Prion
added 2019/05/17 4:29 p.m.36 views

Code injection

During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var which contains the admin and the appliance passwords as plain-text. At the of the deployment procedure, these files are deleted...

2.1CVSS7.8AI score0.00245EPSS
Exploits0References4
CVE
CVE
added 2019/05/17 3:28 p.m.82 views

CVE-2019-10139

CVE-2019-10139 affects cockpit-ovirt: during hosted engine deployment, cockpit-ovirt creates an ansibleVarFileXXXXXX.var containing admin and appliance passwords in plain text at /var/lib/ovirt-hosted-engine-setup/cockpit/. These files are deleted at the end of deployment, but during exposure the...

7.8CVSS7.7AI score0.00245EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2019/05/17 3:28 p.m.31 views

CVE-2019-10139

During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file /var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var which contains the admin and the appliance passwords as plain-text. At the of the deployment procedure, these files are deleted...

5.6CVSS8.3AI score0.00245EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/05/17 12:0 a.m.7 views

PT-2019-5508 · Red Hat · Cockpit-Ovirt

Name of the Vulnerable Software and Affected Versions: cockpit-ovirt affected versions not specified Description: The issue is related to insufficient protection of registration data in the cockpit-ovirt plugin of the Red Hat Virtualization management software. During HE deployment, an Ansible...

7.8CVSS5.3AI score0.00245EPSS
Exploits0References7
Rows per page
Query Builder