CVE-2016-4443
First published: Wed May 11 2016(Updated: )
It was reported that engine-setup logs for RHEV-M contained enough information for extraction of admin password for RHEV-M. Specifically, it contains output of each SQL query with encrypted admin password from the database, and the result of esch external command execution including the openssl command that extracts the private key from the p12 bundle. Having both, encrypted password and private key in the same file gives ability for everyone, who is able to read log file, to obtain admin password. This issue was introduced with following commit: <a href="https://gerrit.ovirt.org/#/c/43578">https://gerrit.ovirt.org/#/c/43578</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Enterprise Virtualization | =3.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://gerrit.ovirt.org/#/c/43578
- https://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=POST&bug_status=MODIFIED&bug_status=ON_DEV&bug_status=ON_QA&bug_status=VERIFIED&bug_status=RELEASE_PENDING&bug_status=CLOSED&f1=attachments.filename&list_id=5172899&o1=regexp&query_format=advanced&v1=ovirt-engine-setup-%5B0-9%5D%2B-%5B0-9a-z%5D%2B.log
- https://bugzilla.redhat.com/attachment.cgi?id=1130810
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1195131
- https://bugzilla.redhat.com/attachment.cgi?id=1128009
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1309448
- https://bugzilla.redhat.com/attachment.cgi?id=1118830
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1302374
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1333943
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1335106#c3
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1335106#c7
- https://gerrit.ovirt.org/#/q/If27a19f7725dd53fd4bf2e420bd17135a2102d67,n,z
- https://errata.devel.redhat.com/advisory/23785
- https://rhn.redhat.com/errata/RHSA-2016-1929.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1335106
- http://rhn.redhat.com/errata/RHSA-2016-1929.html
- http://www.securityfocus.com/bid/92751
- http://www.securitytracker.com/id/1036863
Frequently Asked Questions
What is the severity of CVE-2016-4443?
CVE-2016-4443 is rated as a medium severity vulnerability due to the potential exposure of sensitive admin password information.
How do I fix CVE-2016-4443?
To fix CVE-2016-4443, update to the latest patched version of Red Hat Enterprise Virtualization that addresses this vulnerability.
What impact does CVE-2016-4443 have on RHEV-M?
CVE-2016-4443 can allow an attacker to extract the admin password from the engine-setup logs of RHEV-M.
Which versions of Red Hat Enterprise Virtualization are affected by CVE-2016-4443?
CVE-2016-4443 specifically affects Red Hat Enterprise Virtualization version 3.6.
Is there a workaround for CVE-2016-4443 before applying a patch?
There are no documented workarounds for CVE-2016-4443, so it is recommended to apply the patch as soon as it is available.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/references
- agent/remedy
- agent/last-modified-date
- agent/description
- agent/author
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-4443
- agent/trending
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/red hat enterprise virtualization
- version/red hat enterprise virtualization/3.6