3.6 Plain Text Visibility of Sensitive Information

The following table outlines where sensitive information might be visible as plain text:

Table 3-1 Locations Where Sensitive Information Might Be Stored As Plaint Text


Storage Location

Visibility Issue

VM configuration data

MS SQLite database

The VM configuration data can be viewed by anyone.

Orchestrator Server credentials

VM Warehouse configuration file

The VM Warehouse stores this information as plain text in a configuration file that is readable as root.

By default, the repository is located in:


If necessary, you can determine the configuration file’s location using the vmr cn -a command.

Audit Database configuration

ZOS properties sotre

Contains plain text information including user/password for allowing ZENworks Orchestrator to log into the Audit Database (i.e. mysql) for logging.

You should use a non-privileged database account for logging.