CVE-2016-7060

EUVD-2016-7940
The web interface in Red Hat QuickStart Cloud Installer (QCI) 1.0 does not mask passwords fields, which allows physically proximate attackers to obtain sensitive password information by reading the display.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.6 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
Affected Products (NVD)
VendorProductVersion
redhatquickstart_cloud_installer
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/97678
https://access.redhat.com/errata/RHSA-2017:0256
https://bugzilla.redhat.com/show_bug.cgi?id=1379909
http://www.securityfocus.com/bid/97678
https://access.redhat.com/errata/RHSA-2017:0256
https://bugzilla.redhat.com/show_bug.cgi?id=1379909