RHSA-2014:0558 Red Hat Security Advisory: rhevm-reports 3.3.3 security and bug fix update

Bulletin has no description...

RHEL 6 : rhevm-reports 3.3.3 (RHSA-2014:0558)

An updated rhevm-reports package that fixes three security issues and one bug is now available. The Red Hat Security Response Team has rated this update as having Low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for eac...

Design/Logic Flaw

ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package rhevm-reports before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files...

CVE-2014-0199

The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports rhevm-reports package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file...

CVE-2014-0199

The CVE-2014-0199 issue affects ovirt-engine-reports (as used by rhevm-reports) before version 3.3.3, where the setup script stores the reports database password in cleartext in a file readable by everyone. Local attackers with access to the Red Hat Enterprise Virtualization Manager server could ...

CVE-2014-0201

CVE-2014-0201 concerns the ovirt-engine-reports component in the Red Hat Enterprise Virtualization reports package (rhevm-reports) prior to version 3.3.3. The root cause is that multiple configuration files are world-readable, enabling a local attacker with access to read sensitive information. P...

PT-2014-3530 · Red Hat · Rhevm-Reports

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization Manager reports rhevm-reports versions prior to 3.3.3-1 Description: The issue allows local users to obtain sensitive information by reading a configuration file due to world-readable permissions. The file in...

ovirt-engine-reports: various configuration files are world-readable

ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package rhevm-reports before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files...

Low: Red Hat Security Advisory: rhevm-reports 3.3.3 security and bug fix update

An updated rhevm-reports package that fixes three security issues and one bug is now available. The Red Hat Security Response Team has rated this update as having Low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for eac...