2 matches found
ovirt-aaa-jdbc-tool unauthorized access vulnerability
ovirt-aaa-jdbc-tool tools is a tool for storing authentication and authorization data in a database. A security vulnerability exists in versions of ovirt-aaa-jdbc-tool tools prior to 1.1.3, which stems from the program failing to properly verify that the current password is not invalid. An attack...
CVE-2017-2614
When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those account...