1 results (0.002 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file `/var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var` which contains the admin and the appliance passwords as plain-text. At the of the deployment procedure, these files are deleted. Durante la implementación de HE a través de cockpit-ovirt, cockpit-ovirt genera un archivo variable ansible `/ var / lib / ovirt-hosts-configuración-cockpit / ansibleVarFileXXXXXX.var` que contiene las contraseñas del administrador y del dispositivo como plain-text. En el momento del procedimiento de implementación, estos archivos se suprimen. • http://www.securityfocus.com/bid/108396 https://access.redhat.com/errata/RHSA-2019:2433 https://access.redhat.com/errata/RHSA-2019:2437 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10139 https://access.redhat.com/security/cve/CVE-2019-10139 https://bugzilla.redhat.com/show_bug.cgi?id=1709829 • CWE-311: Missing Encryption of Sensitive Data CWE-522: Insufficiently Protected Credentials •