ovirt-engine-metrics is vulnerable to information disclosure. The passwords used in deployment and configuration of the oVirt Metrics are disclosed in log files.
www.securityfocus.com/bid/109140
access.redhat.com/errata/RHSA-2019:2499
access.redhat.com/security/cve/CVE-2019-10194
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1683157
bugzilla.redhat.com/show_bug.cgi?id=1715513
bugzilla.redhat.com/show_bug.cgi?id=1721480
bugzilla.redhat.com/show_bug.cgi?id=1723786
bugzilla.redhat.com/show_bug.cgi?id=1726007
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194