CVE-2014-0184

Name of the Vulnerable Software and Affected Versions Red Hat CloudForms versions prior to 5.2.4.2

Description The issue allows local users to obtain sensitive information, specifically the root password, by reading the evm.log file when deploying a VM. This occurs because the root password is logged during the deployment process.

Recommendations For versions prior to 5.2.4.2, update to version 5.2.4.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the evm.log file to minimize the risk of sensitive information disclosure.