Redhat Rhevm-Reports vulnerabilities
3 known vulnerabilities affecting redhat/rhevm-reports.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
LOW3
Vulnerabilities
Page 1 of 1
CVE-2014-0201LOWCVSS 2.1≤ 3.3v3.0+2 more2014-05-29
CVE-2014-0201 [LOW] CWE-264 CVE-2014-0201: ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package (rhevm-report
ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package (rhevm-reports) before 3.3.3, uses world-readable permissions on configuration files, which allows local users to obtain sensitive information by reading the files.
nvd
CVE-2014-0200LOWCVSS 2.1≤ 3.3.3v3.0+3 more2014-05-29
CVE-2014-0200 [LOW] CWE-264 CVE-2014-0200: The Red Hat Enterprise Virtualization Manager reports (rhevm-reports) package before 3.3.3-1 uses wo
The Red Hat Enterprise Virtualization Manager reports (rhevm-reports) package before 3.3.3-1 uses world-readable permissions on the datasource configuration file (js-jboss7-ds.xml), which allows local users to obtain sensitive information by reading the file.
nvd
CVE-2014-0199LOWCVSS 2.1≤ 3.3v3.0+2 more2014-05-29
CVE-2014-0199 [LOW] CWE-310 CVE-2014-0199: The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports (
The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports (rhevm-reports) package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading an unspecified file.
nvd