2 matches found
Authorization Bypass
ovirt-engine-extension-aaa-jdbc is vulnerable to authorization bypass attacks. The vulnerability exists when updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacke...
RHEL 7 : ovirt-engine-extension-aaa-jdbc (RHSA-2017:0257)
An update for ovirt-engine-extension-aaa-jdbc is now available for RHEV Engine version 4.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...