CVE-2016-5432

The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.

Published: Oct 3, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-5432
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.3
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-532

Affected Software
References

Software	From	Fixed in
redhat / enterprise_virtualization	4.0	4.0.x

http://rhn.redhat.com/errata/RHSA-2016-1967.html
http://www.securityfocus.com/bid/92694
https://bugzilla.redhat.com/show_bug.cgi?id=1371428
https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129

Vulnerability Database

289,784

CVE-2016-5432