Sensitive Information Disclosure in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2

Sensitive Information Disclosure in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2

CVE-2014-0184 · MEDIUM Severity

AV:L/AC:L/AU:N/C:C/I:N/A:N

Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 logs the root password when deploying a VM, which allows local users to obtain sensitive information by reading the evm.log file.

Learn more about our Cloud Audit.