Red Hat · Red Hat Enterprise Virtualization · CVE-2015-0257
**Name of the Vulnerable Software and Affected Versions**
Red Hat Enterprise Virtualization (RHEV) Manager versions prior to 3.5.1
**Description**
The issue allows local users to obtain sensitive information by reading files in a directory due to weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup.
**Recommendations**
For versions prior to 3.5.1, update to version 3.5.1 or later to resolve the issue.