19 matches found
CVE-2018-8897
CVE-2018-8897 covers a Linux kernel issue where a mishandled debug exception after MOV SS/POP SS can lead to a local privilege escalation or kernel crash. The vulnerability arises from how the kernel handles stack-switch sequencing and interrupts, potentially enabling privilege escalation in some...
CVE-2009-3552
In RHEV-M VDC 2.2.0, the SSL certificate validation was not performed when using the client-side Red Hat Enterprise Virtualization Manager interface (a WPF-based browser app) to connect to the manager. This allows a local-network attacker to conduct a man-in-the-middle, potentially fooling users ...
CVE-2018-1072
CVE-2018-1072 affects ovirt-engine prior to 4.2.2, where engine-backup logging could expose database credentials. The root cause is unfiltered passwords being written to provisioning logs when using --provision*db, leading to potential disclosure of usernames and passwords via shared logs. Public...
CVE-2011-4316
CVE-2011-4316 affects Red Hat Enterprise Virtualization Manager (RHEV-M) prior to 3.1. The vulnerability arises because the desktop screen is not locked between SPICE sessions under certain conditions, enabling a local user with VM access to view or switch to other users’ desktop sessions via uns...
CVE-2012-0861
The CVE-2012-0861 issue affects Red Hat Enterprise Virtualization Manager (RHEV-M) prior to version 3.1. During host addition, the vds_installer downloads deployUtil.py and vds_bootstrap.py with curl -k, skipping SSL certificate validation. This MITM condition lets an attacker on the local networ...
CVE-2013-2144
Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 is affected. The issue is inadequate permission checks on the target storage domain when cloning a VM from a snapshot, which can allow an attacker to cause a denial of service via disk space exhaustion on the target domain. Remediation ...
CVE-2012-0860
Concrete details found: CVE-2012-0860 affects Red Hat Enterprise Virtualization Manager (RHEV-M) up to version 3.1. The root cause is that Python configuration scripts (deployUtil.py or vds_bootstrap.py) stored in /tmp/ could be pre-created by a local unprivileged user during host addition, allow...
CVE-2012-2696
CVE-2012-2696 is a privilege-check flaw in the Red Hat Enterprise Virtualization Manager (RHEV-M) backend before 3.1. An authenticated attacker could issue queries against the RHEV-M SOAP or GWT APIs and read data they should not access, indicating an authorisation bypass in the back end. Connect...
CVE-2015-7544
CVE-2015-7544 affects the redhat-support-plugin-rhev component in Red Hat Enterprise Virtualization Manager (RHEV Manager). The root cause is that the log viewer passed a user-specified path/filename directly to the command line, enabling remote authenticated users with the SuperUser role on any ...
CVE-2013-0168
CVE-2013-0168 affects Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier. The MoveDisk command fails to properly enforce permissions on storage domains, allowing a privileged storage-domain admin to cause denial of service by consuming free space on other storage domains. The issu...
CVE-2015-0257
CVE-2015-0257 affects Red Hat Enterprise Virtualization (RHEV) Manager (3.5.0 prior to 3.5.1). The vulnerability arises from weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, enabling a local user to read files in the directory and po...
CVE-2010-2793
CVE-2010-2793 describes a race-condition in the SPICE plug-in for Internet Explorer used by Red Hat Enterprise Virtualization Manager (RHEV) prior to 2.2.4. The flaw lets a local attacker potentially gain privileges by exploiting knowledge of a specific named pipe and using ImpersonateNamedPipeCl...
CVE-2012-6115
CVE-2012-6115 affects Red Hat Enterprise Virtualization Manager (RHEV-M) domain management tool: when using rhevm-manage-domains -action=validate on RHEV-M 3.1 and earlier, the administrative password is logged to a world-readable log file. This enables a local attacker to obtain sensitive inform...
CVE-2013-6434
The CVE-2013-6434 issue affects Red Hat Enterprise Virtualization Manager (RHEV‑M) versions prior to 3.3, where the remote-viewer using a native SPICE client invocation initially makes insecure connections to the SPICE server. The underlying cause is how RHEV‑M relays SPICE connection information...
CVE-2015-0237
Summary: Red Hat Enterprise Virtualization Manager (RHEV-M) prior to 3.5.1 is affected by CVE-2015-0237 due to the system ignoring the permission to deny snapshot creation during live storage migration between storage domains. Root cause: permission to deny snapshot creation was ignored, enabling...
CVE-2012-5516
The CVE-2012-5516 issue affects Red Hat Enterprise Virtualization Manager (RHEV-M) around version 3.1, where moving disks between storage domains fails to properly wipe-after-delete. The underlying effect is potential information disclosure from disks not securely deleted, exploitable by a local ...
CVE-2014-3573
CVE-2014-3573 affects the oVirt Engine back end module used in Red Hat Enterprise Virtualization Manager prior to 3.4.2. The issue arises from an insecure DocumentBuilderFactory when loading XML/RSDL documents, enabling XML External Entity (XXE) attacks that could allow a remote attacker to read ...
CVE-2015-5293
CVE-2015-5293 affects Red Hat Enterprise Virtualization Manager (RHEV) 3.6 and earlier. The issue arises when boot protocol is set to None, causing interfaces to receive valid SLAAC IPv6 addresses, which may enable remote attackers to communicate with a system that should be unreachable. The prov...
CVE-2010-2224
CVE-2010-2224 affects Red Hat Enterprise Virtualization Manager (RHEV-M) prior to version 2.2. The issue is that the snapshot merging function does not properly pass the postzero parameter during operations on deleted volumes, which can allow a guest OS to read (inspecting) disk blocks belonging ...