CVE-2019-10139 – During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file ` …

Vuln ID: CVE-2019-10139

Published:  2019-05-17  16:29:03Z

Description: During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file `/var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var` which contains the admin and the appliance passwords as plain-text. At the of the deployment procedure, these files are deleted.

Source: NVD.NIST.GOV

 

Tags