Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2015-0888.html | Vendor Advisory |
http://www.securitytracker.com/id/1032231 |
Configurations
Information
Published : 2015-05-01 08:59
Updated : 2023-02-12 15:15
NVD link : CVE-2015-0257
Mitre link : CVE-2015-0257
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
redhat
- enterprise_virtualization_manager