World-readable permissions for /etc/sysconfig/virt-who allow local users to obtain hypervisor passwords

World-readable permissions for /etc/sysconfig/virt-who allow local users to obtain hypervisor passwords

CVE-2014-0189 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

virt-who uses world-readable permissions for /etc/sysconfig/virt-who, which allows local users to obtain password for hypervisors by reading the file.

Learn more about our User Device Pen Test.