CVE-2019-10194

medium

Description

Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194

https://access.redhat.com/errata/RHSA-2019:2499

http://www.securityfocus.com/bid/109140

Details

Source: Mitre, NVD

Published: 2019-07-11

Updated: 2023-03-01

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium