CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-3561

The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 29.2%

CVSS Severity

CVSS v2 Score 2.1

References

http://rhn.redhat.com/errata/RHSA-2014-1947.html
http://www.securitytracker.com/id/1031291
https://exchange.xforce.ibmcloud.com/vulnerabilities/99096
http://rhn.redhat.com/errata/RHSA-2014-1947.html
http://www.securitytracker.com/id/1031291
https://exchange.xforce.ibmcloud.com/vulnerabilities/99096

Products affected by CVE-2014-3561

Redhat » Enterprise Virtualization » Version: 3.4

cpe:2.3:a:redhat:enterprise_virtualization:3.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3561

Products

Pricing

Contact Us