Vulnerabilities > Redhat > Cloudforms Cloud Engine > 1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-03-12 | CVE-2012-6117 | Permissions, Privileges, and Access Controls vulnerability in Redhat Cloudforms Cloud Engine 1.0/1.1 Aeolus Configuration Server, as used in Red Hat CloudForms Cloud Engine before 1.1.2, uses world-readable permissions for /var/log/aeolus-configserver/configserver.log, which allows local users to read plaintext passwords by reading the log file. | 2.1 |