CVE-2019-10194

Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts.
References
Link Resource
http://www.securityfocus.com/bid/109140 Broken Link Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2019:2499 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10194 Issue Tracking Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:ovirt:ovirt:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*

History

01 Mar 2023, 16:32

Type Values Removed Values Added
CPE cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*
References (REDHAT) https://access.redhat.com/errata/RHSA-2019:2499 - (REDHAT) https://access.redhat.com/errata/RHSA-2019:2499 - Third Party Advisory
References (BID) http://www.securityfocus.com/bid/109140 - Third Party Advisory (BID) http://www.securityfocus.com/bid/109140 - Broken Link, Third Party Advisory, VDB Entry

Information

Published : 2019-07-11 19:15

Updated : 2024-02-04 20:20


NVD link : CVE-2019-10194

Mitre link : CVE-2019-10194

CVE.ORG link : CVE-2019-10194


JSON object : View

Products Affected

redhat

  • virtualization_manager

ovirt

  • ovirt
CWE
CWE-532

Insertion of Sensitive Information into Log File