6 matches found
RHSA-2014:1947 Red Hat Security Advisory: rhevm-log-collector security update
Bulletin has no description...
Information Disclosure
rhevm-log-collector is vulnerable to information disclosure attacks. The vulnerability exists as the rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive...
CVE-2014-3561
The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes...
PT-2014-5396 · Postgresql +1 · Postgresql +2
Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization version 3.4 Description: The issue allows local users to obtain sensitive information, specifically the PostgreSQL database password, by listing the processes. This is because the rhevm-log-collector package...
RHEL 6 : rhevm-log-collector (RHSA-2014:1947)
An updated rhevm-log-collector package that fixes one security issue is now available for Red Hat Enterprise Virtualization 3. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...
Low: Red Hat Security Advisory: rhevm-log-collector security update
An updated rhevm-log-collector package that fixes one security issue is now available for Red Hat Enterprise Virtualization 3. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...