2 matches found
CVE-2017-2614
The CVE-2017-2614 issue affects ovirt-engine-extension-aaa-jdbc and the ovirt-aaa-jdbc-tool prior to 1.1.3. The root cause is that the tool fails to correctly verify the current password when it is expired during password updates in the rhvm database, allowing an attacker with access to change su...
CVE-2017-2614
When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts...