CVE-2019-10194
5.9
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
Summary
Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Hat | ovirt-engine-metrics | all versions | affected |
Weaknesses
- CWE-532: CWE-532
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194
- http://www.securityfocus.com/bid/109140
- https://access.redhat.com/errata/RHSA-2019:2499
References
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194
- http://www.securityfocus.com/bid/109140
- https://access.redhat.com/errata/RHSA-2019:2499
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.