CVE-2012-6117
CVE-2012-6117 affects Aeolus Configuration Server as used in Red Hat CloudForms Cloud Engine prior to 1.1.2. The issue is that /var/log/aeolus-configserver/configserver.log is world-readable, allowing local attackers to read plaintext passwords stored in the log file. Red Hat addressed this with ...