Weak Permissions on Shared Directories in Red Hat Enterprise Virtualization (RHEV) Manager

CVE-2015-0257 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.

Learn more about our User Device Pen Test.