CVE-2018-1000018

An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's password in the log file.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1536941 Exploit Issue Tracking Third Party Advisory
https://gerrit.ovirt.org/#/c/86635/ Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:ovirt:ovirt-hosted-engine-setup:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-01-24 14:29

Updated : 2024-02-28 16:25


NVD link : CVE-2018-1000018

Mitre link : CVE-2018-1000018

CVE.ORG link : CVE-2018-1000018


JSON object : View

Products Affected

ovirt

  • ovirt-hosted-engine-setup
CWE
CWE-532

Insertion of Sensitive Information into Log File