Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe

Filtered by product Quickstart Cloud Installer

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-6322	1 Redhat	2 Enterprise Linux, Quickstart Cloud Installer	2016-09-22	7.2 HIGH	8.4 HIGH
Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file.
CVE-2016-6340	1 Redhat	2 Enterprise Linux, Quickstart Cloud Installer	2016-09-22	2.1 LOW	8.4 HIGH
The kickstart file in Red Hat QuickStart Cloud Installer (QCI) forces use of MD5 passwords on deployed systems, which makes it easier for attackers to determine cleartext passwords via a brute-force attack.