2 matches found
RHEL 7 : ovirt-engine (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ovirt-engine: webadmin log out must logout all sessions CVE-2016-6338 - ovirt-engine: API exposes power...
CVE-2018-1074
CVE-2018-1074 affects ovirt-engine API and administration web portal before versions 4.2.2.5 and 4.1.11.2, exposing Power Management credentials (cleartext passwords) to Host Administrators who control the hosts. This could allow escalation to power-management systems. Connected sources confirm t...