2 matches found
Design/Logic Flaw
ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package rhevm-reports before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files...
CVE-2014-0199
The CVE-2014-0199 issue affects ovirt-engine-reports (as used by rhevm-reports) before version 3.3.3, where the setup script stores the reports database password in cleartext in a file readable by everyone. Local attackers with access to the Red Hat Enterprise Virtualization Manager server could ...