First published: Tue Jul 02 2019(Updated: )
Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Ovirt Ovirt | ||
Redhat Virtualization Manager | =4.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-10194 is a vulnerability that affects oVirt Metrics and Redhat Virtualization Manager versions 4.3. It allows sensitive passwords used in deployment and configuration of the software to be disclosed in log files or playbooks.
CVE-2019-10194 has a severity score of 5.5, which is classified as medium.
CVE-2019-10194 affects all versions of oVirt Metrics and specifically version 4.3 of Redhat Virtualization Manager.
Sensitive passwords can be disclosed in log files if playbooks are run with the -v flag or in playbooks stored on Metrics or Bastion hosts.
You can find more information about CVE-2019-10194 at the following references: [1] [2] [3]