Lucene search
HistorySep 08, 2014 - 2:55 p.m.
CVE-2014-0152
cve-2014-0152
session fixation
ovirt
web admin interface
remote attackers
web sessions
6.8 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
79.6%
Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
Affected configurations
Node
ovirtovirtRangeβ€3.4.0
ORredhatovirt-engineMatch3.0.0
ORredhatovirt-engineMatch3.1.0
ORredhatovirt-engineMatch3.2.0
ORredhatovirt-engineMatch3.3.0
ORredhatovirt-engineMatch3.3.2rc1
ORredhatovirt-engineMatch3.3.3
ORredhatovirt-engineMatch3.3.4
ORredhatovirt-engineMatch3.3.5
ORredhatovirt-engineMatch3.4.0rc1
Related
prion
prion
Session fixation
2014-09-08 14:55:00
nvd
nvd
CVE-2014-0152
2014-09-08 14:55:02
cvelist
cvelist
CVE-2014-0152
2014-09-08 14:00:00
seebug
seebug
oVirtθ·¨η«θ―·ζ±δΌͺι ζΌζ΄
2014-04-03 00:00:00
redhat
redhat
nessus
nessus
RHEL 6 : rhevm (RHSA-2014:0506)
2014-11-08 00:00:00
6.8 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
79.6%
Related for CVE-2014-0152