Steve D

**Name of the Vulnerable Software and Affected Versions** foreman versions prior to 1.16.1 **Description** A flaw was found in the software that allows users with limited permissions for powering oVirt/RHV hosts on and off to discover the `username` and `password` used to connect to the compute resource. **Recommendations** For versions prior to 1.16.1, update to version 1.16.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the compute resource to minimize the risk of exploitation.