6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
49.6%
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155)
ovirt-engine: RHVM admin password is logged unfiltered when using otopi-style (CVE-2022-2805)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
Ghost OVFs are written when using floating SD to migrate VMs between 2 RHV environments. (BZ#1705338)
RHV engine is reporting a delete disk with wipe as completing successfully when it actually fails from a timeout. (BZ#1836318)
[DR] Failover / Failback HA VM Fails to be started due to ‘VM XXX is being imported’ (BZ#1968433)
Virtual Machine with lease fails to run on DR failover (BZ#1974535)
Disk is missing after importing VM from Storage Domain that was detached from another DC. (BZ#1983567)
Unable to switch RHV host into maintenance mode as there are image transfer in progress (BZ#2123141)
not able to import disk in 4.5.2 (BZ#2134549)
Enhancement(s):
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
49.6%