World-readable permissions for /etc/qci/answers in Red Hat QuickStart Cloud Installer (QCI) allows unauthorized access to root password
CVE-2016-6322 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file.
Learn more about our Cloud Audit.