Unrated severityNVD Advisory· Published Dec 5, 2014· Updated May 6, 2026

CVE-2014-3561

Description

The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.

Affected products

Red Hat/Enterprise Virtualization
cpe:2.3:a:redhat:enterprise_virtualization:3.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

rhn.redhat.com/errata/RHSA-2014-1947.htmlnvdVendor Advisory
www.securitytracker.com/id/1031291nvd
exchange.xforce.ibmcloud.com/vulnerabilities/99096nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000