CVE-2014-0184

Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 logs the root password when deploying a VM, which allows local users to obtain sensitive information by reading the evm.log file.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:cloudforms_3.0_management_engine:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.1.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.3.2:*:*:*:*:*:*:*

History

21 Nov 2024, 02:01

Type Values Removed Values Added
References () http://rhn.redhat.com/errata/RHSA-2014-0816.html - Vendor Advisory () http://rhn.redhat.com/errata/RHSA-2014-0816.html - Vendor Advisory

Information

Published : 2014-07-07 14:55

Updated : 2024-11-21 02:01


NVD link : CVE-2014-0184

Mitre link : CVE-2014-0184

CVE.ORG link : CVE-2014-0184


JSON object : View

Products Affected

redhat

  • cloudforms_3.0_management_engine
CWE
CWE-255

Credentials Management Errors