Security Advisory

CVE-2018-1117

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-06-19 13:00:00

Last updated 2024-08-05 03:51:48

Assigner redhat

State PUBLISHED

Description

ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the Add oVirt Provider to ManageIQ/CloudForms playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation.

← Browse all CVEs View on cve.org ↗