VYPR
Medium severity5.0NVD Advisory· Published Jun 12, 2018· Updated Jun 17, 2026

CVE-2018-1075

CVE-2018-1075

Description

ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered password when choosing manual db provisioning. When engine-setup was run and one chooses to provision the database manually or connect to a remote database, the password input was logged in cleartext during the verification step. Sharing the provisioning log might inadvertently leak database passwords.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Ovirt/Ovirt Engineinferred2 versions
    <=4.2.3+ 1 more
    • (no CPE)range: <=4.2.3
    • (no CPE)range: <=4.2.3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.