CVE-2016-6341

oVirt Engine before 4.0.3 does not include DWH_DB_PASSWORD in the list of keys to hide in log files, which allows local users to obtain sensitive password information by reading engine log files.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:ovirt:ovirt:*:*:*:*:*:*:*:*

Information

Published : 2017-04-20 10:59

Updated : 2017-04-25 12:02


NVD link : CVE-2016-6341

Mitre link : CVE-2016-6341


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

ovirt

  • ovirt