CVE-2014-0199

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions ovirt-engine-reports versions prior to 3.3.3

Description The setup script stores the reports database password in cleartext, allowing local users to obtain sensitive information by reading an unspecified file.

Recommendations For versions prior to 3.3.3, update to version 3.3.3 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

CVE-2014-0199

RHSA-2014:0558

Affected Products

Ovirt Engine Reports

CVE-2014-0199

Weakness Enumeration

Related Identifiers

Affected Products

References · 3