Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2015/09/01 12:0 a.m.26 views

RHEL 6 : Virtualization Manager (RHSA-2015:0158)

Red Hat Enterprise Virtualization Manager 3.5.0 is now available. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links...

6.8CVSS5.9AI score0.09149EPSS
Exploits2References10
Cvelist
Cvelist
added 2015/02/13 3:0 p.m.25 views

CVE-2014-0151

Cross-site request forgery CSRF vulnerability in oVirt Engine before 3.5.0 beta2 allows remote attackers to hijack the authentication of users for requests that perform unspecified actions via a REST API request...

7AI score0.00644EPSS
Exploits1References3
CVE
CVE
added 2015/02/13 3:0 p.m.74 views

CVE-2014-0151

The CVE-2014-0151 CSRF flaw affects oVirt Engine prior to 3.5.0 beta2, enabling a remote attacker to hijack a legitimate user’s session by crafting a page that triggers REST API actions. Root cause is a CSRF vulnerability in the oVirt REST API, with the trusted session reused for unintended reque...

6.8CVSS7.2AI score0.00644EPSS
Exploits1References3Affected Software1
RedHat Linux
RedHat Linux
added 2015/02/11 5:38 p.m.45 views

Important: Red Hat Security Advisory: Red Hat Enterprise Virtualization Manager 3.5.0

Red Hat Enterprise Virtualization Manager 3.5.0 is now available. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links...

6.8CVSS6.2AI score0.09149EPSS
Exploits2References184
seebug.org
seebug.org
added 2014/04/03 12:0 a.m.26 views

oVirt会话固定漏洞

CVE ID:CVE-2014-0151 oVirt是一个虚拟化平台,一个易于使用的Web界面。 处理会话时的错误可被攻击者利用,通过欺骗用户登录特制链后,劫持其他用户的会话。 0 oVirt 3.x 目前没有详细解决方案: http://www.ovirt.org/Home...

6.8CVSS6.6AI score0.00644EPSS
Exploits1
Rows per page
Query Builder