An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's password in the log...
7.8CVSS
7.2AI Score
0.0005EPSS
ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log files. When engine-backup was run with one of the options "--provision*db", the database username and password were logged in cleartext. Sharing the provisioning log might inadvertently leak database...
9.8CVSS
9.3AI Score
0.002EPSS