Medium severity5.0NVD Advisory· Published Jun 12, 2018· Updated Jun 17, 2026
CVE-2018-1075
CVE-2018-1075
Description
ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered password when choosing manual db provisioning. When engine-setup was run and one chooses to provision the database manually or connect to a remote database, the password input was logged in cleartext during the verification step. Sharing the provisioning log might inadvertently leak database passwords.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=4.2.3+ 1 more
- (no CPE)range: <=4.2.3
- (no CPE)range: <=4.2.3
Patches
Vulnerability mechanics
References
3- access.redhat.com/errata/RHSA-2018:2071nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- gerrit.ovirt.orgnvdVendor Advisory
News mentions
0No linked articles in our index yet.