Linux Distros Unpatched Vulnerability : CVE-2016-5432

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization RHEV Engine 4.0 allows local users to obtain sensitive database provisioning informati...

CVE-2016-5432

CVE-2016-5432 affects the ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0. The root cause is that authentication details used with --provision*db outputs were not properly sanitized before being written to log files, potentially exposing sensitive informati...

CVE-2016-5432

The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization RHEV Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files...

RHEL 7 : org.ovirt.engine-root (RHSA-2016:1967)

An update for org.ovirt.engine-root is now available for RHEV Engine version 4.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2016-5432

It was found that the ovirt-engine-provisiondb utility did not correctly sanitize the authentication details used with the “—provisiondb” options from the output before storing them in log files. This could allow an attacker with read access to these log files to obtain sensitive information such...