World-readable root password vulnerability in Red Hat QuickStart Cloud Installer (QCI)

World-readable root password vulnerability in Red Hat QuickStart Cloud Installer (QCI)

CVE-2016-5411 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

/var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart Cloud Installer (QCI) before 1.0 GA is created world readable and contains the root password of the deployed system.

Learn more about our Cloud Audit.