PT-2014-3530 · Red Hat · Rhevm-Reports
Published
2014-05-29
·
Updated
2023-02-13
·
CVE-2014-0200
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Red Hat Enterprise Virtualization Manager reports (rhevm-reports) versions prior to 3.3.3-1
Description
The issue allows local users to obtain sensitive information by reading a configuration file due to world-readable permissions. The file in question is the datasource configuration file, specifically
js-jboss7-ds.xml.Recommendations
For versions prior to 3.3.3-1, update to version 3.3.3-1 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rhevm-Reports