The domain management tool (rhevm-manage-domains) in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and previous versions, when the validate action is enabled, logs the administrative password to a world-readable log file, which allows local users to obtain sensitive information by reading this file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat enterprise virtualization manager 2.1 |
||
redhat enterprise virtualization manager |
||
redhat enterprise virtualization manager 2.2.3 |
||
redhat enterprise virtualization manager 2.2 |
||
redhat enterprise virtualization manager 3.0 |