Unrated severityNVD Advisory· Published Jun 26, 2018· Updated Aug 5, 2024
CVE-2018-1072
CVE-2018-1072
Description
ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log files. When engine-backup was run with one of the options "--provision*db", the database username and password were logged in cleartext. Sharing the provisioning log might inadvertently leak database passwords.
Affected products
1- Range: <4.2.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- access.redhat.com/errata/RHSA-2018:2071mitrevendor-advisoryx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.