6 matches found
CVE-2016-5432
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization RHEV Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files...
CVE-2016-5432
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization RHEV Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files...
CVE-2016-5432
CVE-2016-5432 affects the ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0. The root cause is that authentication details used with --provision*db outputs were not properly sanitized before being written to log files, potentially exposing sensitive informati...
PT-2016-6427 · Red Hat · Red Hat Enterprise Virtualization
Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization RHEV Engine version 4.0 Description: The issue allows local users to obtain sensitive database provisioning information. This is achieved by reading log files, specifically those generated by the...
ovirt-engine: ovirt-engine-provisiondb logs contain DB username and password in plain text
It was found that the ovirt-engine-provisiondb utility did not correctly sanitize the authentication details used with the “—provisiondb” options from the output before storing them in log files. This could allow an attacker with read access to these log files to obtain sensitive information such...
CVE-2016-5432
It was found that the ovirt-engine-provisiondb utility did not correctly sanitize the authentication details used with the “—provisiondb” options from the output before storing them in log files. This could allow an attacker with read access to these log files to obtain sensitive information such...