Ovirt · Ovirt Metrics · CVE-2019-10194
Name of the Vulnerable Software and Affected Versions:
oVirt Metrics (affected versions not specified)
Description:
The issue concerns sensitive passwords used in the deployment and configuration of oVirt Metrics. These passwords are insufficiently protected and could be disclosed in log files if playbooks are run with the -v option or in playbooks stored on Metrics or Bastion hosts.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.