9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
76.0%
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security fix(es):
mina-sshd: Java unsafe deserialization vulnerabilityΒ (CVE-2022-45047)
isomorphic-git: Directory traversal via a crafted repository (CVE-2021-30483)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
With this release, SELinux rules for the Grafana HTTP port are now properly set up for new remote DWH installations as part of the Red Hat Virtualization Manager engine-setup. (BZ#2126778)
Previously, search conditions were not applied properly when a non-admin user tried to search for Clusters or Data Centers over the REST API. In this release, both admin and non-admin users can search for clusters properly using the REST API. (BZ#2144346)
Previously, stale bitmaps in the base image during a cold or live internal merge caused the operation to fail. In this release, the merge operation succeeds. (BZ#2141371)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 8 | noarch | ovirt-engine-dbscripts | <Β 4.5.3.5-1.el8ev | ovirt-engine-dbscripts-4.5.3.5-1.el8ev.noarch.rpm |
RedHat | 8 | noarch | vdsm-http | <Β 4.50.3.6-1.el8ev | vdsm-http-4.50.3.6-1.el8ev.noarch.rpm |
RedHat | 8 | ppc64le | vdsm-hook-checkips | <Β 4.50.3.6-1.el8ev | vdsm-hook-checkips-4.50.3.6-1.el8ev.ppc64le.rpm |
RedHat | 8 | noarch | ovirt-engine-tools-backup | <Β 4.5.3.5-1.el8ev | ovirt-engine-tools-backup-4.5.3.5-1.el8ev.noarch.rpm |
RedHat | 8 | noarch | rhv-log-collector-analyzer | <Β 1.0.16-1.el8ev | rhv-log-collector-analyzer-1.0.16-1.el8ev.noarch.rpm |
RedHat | 8 | noarch | vdsm-api | <Β 4.50.3.6-1.el8ev | vdsm-api-4.50.3.6-1.el8ev.noarch.rpm |
RedHat | 8 | noarch | vdsm-common | <Β 4.50.3.6-1.el8ev | vdsm-common-4.50.3.6-1.el8ev.noarch.rpm |
RedHat | 8 | noarch | vdsm-python | <Β 4.50.3.6-1.el8ev | vdsm-python-4.50.3.6-1.el8ev.noarch.rpm |
RedHat | 8 | noarch | ovirt-engine-setup-plugin-cinderlib | <Β 4.5.3.5-1.el8ev | ovirt-engine-setup-plugin-cinderlib-4.5.3.5-1.el8ev.noarch.rpm |
RedHat | 8 | noarch | vdsm-hook-vhostmd | <Β 4.50.3.6-1.el8ev | vdsm-hook-vhostmd-4.50.3.6-1.el8ev.noarch.rpm |
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
76.0%