High severity7.2NVD Advisory· Published Jul 27, 2018· Updated Jun 17, 2026
CVE-2017-15113
CVE-2017-15113
Description
ovirt-engine before version 4.1.7.6 with log level set to DEBUG includes passwords in the log file without masking. Only administrators can change the log level and only administrators can access the logs. This presents a risk when debug-level logs are shared with vendors or other parties to troubleshoot issues.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.ovirt.engine.sdk:ovirt-engine-sdk-javaMaven | < 4.1.7.6 | 4.1.7.6 |
Affected products
2- Range: 4.1.7.6
Patches
Vulnerability mechanics
References
8- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party AdvisoryWEB
- www.securityfocus.com/bid/101933nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHEA-2017:3138nvdThird Party AdvisoryWEB
- github.com/advisories/GHSA-m833-87vf-576cghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-15113ghsaADVISORY
- gerrit.ovirt.org/gitwebghsaWEB
- web.archive.org/web/20210124121521/https://www.securityfocus.com/bid/101933ghsaWEB
- gerrit.ovirt.org/gitwebnvd
News mentions
0No linked articles in our index yet.