Redhat Quickstart_cloud_installer
4 CVEs affecting Redhat Quickstart_cloud_installer. Latest disclosed: 2017-06-13. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-5411 | Critical | 9.8 | 2017-06-13 | /var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart Cloud Installer (QCI) before 1.0 GA is created world readable and contains the root passw… |
CVE-2016-6340 | High | 8.4 | 2016-09-22 | The kickstart file in Red Hat QuickStart Cloud Installer (QCI) forces use of MD5 passwords on deployed systems, which makes it easier for attackers to determin… |
CVE-2016-6322 | High | 8.4 | 2016-09-22 | Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the dep… |
CVE-2016-7060 | Medium | 4.6 | 2017-04-14 | The web interface in Red Hat QuickStart Cloud Installer (QCI) 1.0 does not mask passwords fields, which allows physically proximate attackers to obtain sensiti… |