VDB

CVE-2022-2805

CVE-2022-2805 PUBLISHED CVSS 6.5 MEDIUM

A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.

EPSS 0.11% · 29.1th percentile

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.11%
29.1th percentile

Affected Products

VendorProductVersions
redhatvirtualization4.0
n/aovirt-engineovirt-engine 4.5.3

Timeline

  • Oct 19, 2022 CVE Published
  • Oct 22, 2022 EPSS Score
  • Dec 5, 2022 EPSS Score
  • Jan 17, 2023 EPSS Score
  • Mar 2, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 15, 2023 EPSS Score
  • May 28, 2023 EPSS Score
  • Jul 11, 2023 EPSS Score
  • Aug 24, 2023 EPSS Score
  • Oct 6, 2023 EPSS Score
  • Nov 19, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›