Redhat Quickstart Cloud Installer — known CVE vulnerabilities
Every CVE whose affected-product data names Redhat Quickstart Cloud Installer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2016-5411 — CVSS 9.8 (critical): /var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart Cloud Installer (QCI) before 1.0 GA is created world readable and…
CVE-2016-6322 — CVSS 8.4 (high): Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root…
CVE-2016-6340 — CVSS 8.4 (high): The kickstart file in Red Hat QuickStart Cloud Installer (QCI) forces use of MD5 passwords on deployed systems, which makes it easier for…
CVE-2016-7060 — CVSS 4.6 (medium): The web interface in Red Hat QuickStart Cloud Installer (QCI) 1.0 does not mask passwords fields, which allows physically proximate…