Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2016-6338

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager aka RHEV-M for Servers and RHEV-M 4.0, allows physically proximate attackers to bypa...

6.8CVSS6.9AI score0.00519EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.25 views

RHEL 7 : ovirt-engine (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ovirt-engine: webadmin log out must logout all sessions CVE-2016-6338 - ovirt-engine: API exposes power...

6.1CVSS6.3AI score0.0274EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2017/12/13 12:0 a.m.55 views

RHEL 7 : org.ovirt.engine-root (RHSA-2017:3427)

An update for org.ovirt.engine-root is now available for Red Hat Virtualization Manager version 4.1. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

6.8CVSS5.9AI score0.00519EPSS
Exploits1References3
OSV
OSV
added 2017/04/20 5:59 p.m.5 views

CVE-2016-6338

ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager aka RHEV-M for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries...

6.8CVSS5.8AI score0.00519EPSS
Exploits1References3
CVE
CVE
added 2017/04/20 5:0 p.m.69 views

CVE-2016-6338

The CVE-2016-6338 issue affects ovirt-engine-webadmin (used by Red Hat Enterprise Virtualization Manager, RHEV-M, and RHEV-M 4.0). Root cause: webadmin session timeouts not properly enforced, enabling bypass via UI-driven actions that trigger repeating queries. Impact: potential session hijack/by...

6.8CVSS6.5AI score0.00519EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2017/04/20 5:0 p.m.43 views

CVE-2016-6338

ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager aka RHEV-M for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries...

6.5AI score0.00519EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2016/08/28 2:18 a.m.33 views

CVE-2016-6338

It was discovered that the ovirt-engine webadmin session would not properly enforce timeouts. Browser sessions would remain logged in beyond the administratively configured session timeout period...

6.8CVSS1.9AI score0.00519EPSS
Exploits1References1
Rows per page
Query Builder