The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2014-12-05T16:00:00
Updated: 2024-08-06T10:50:17.352Z
Reserved: 2014-05-14T00:00:00
Link: CVE-2014-3561
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-12-05T16:59:02.970
Modified: 2024-11-21T02:08:22.497
Link: CVE-2014-3561
Redhat