Lucene search

K

Ovirt-engine-sdk Security Vulnerabilities

cve
cve

CVE-2014-0161

ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the Common Name (CN) or subjectAltName as specified by its x.509 certificate in a TLS/SSL session. This could allow man-in-the-middle attackers to spoof remote endpoints via an...

5.9CVSS

5.6AI Score

0.001EPSS

2020-01-02 06:15 PM
55
cve
cve

CVE-2012-3533

The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM)...

6.8AI Score

0.003EPSS

2012-08-31 08:55 PM
26