Lucene search

K
RedhatEnterprise Virtualization Manager

5 matches found

CVE
CVE
added 2015/05/01 3:59 p.m.41 views

CVE-2015-0257

Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.

2.1CVSS6AI score0.00042EPSS
CVE
CVE
added 2013/01/04 10:55 p.m.40 views

CVE-2012-2696

The backend in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1 does not properly check privileges, which allows remote authenticated users to query arbitrary information via a (1) SOAP or (2) GWT request.

2.7CVSS6.3AI score0.00143EPSS
CVE
CVE
added 2013/03/12 11:55 p.m.37 views

CVE-2012-6115

The domain management tool (rhevm-manage-domains) in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier, when the validate action is enabled, logs the administrative password to a world-readable log file, which allows local users to obtain sensitive information by reading this file.

2.1CVSS6AI score0.00064EPSS
CVE
CVE
added 2013/01/04 10:55 p.m.33 views

CVE-2012-5516

Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and might allow local users to obtain sensitive information via unspecified vectors.

2.1CVSS6AI score0.00068EPSS
CVE
CVE
added 2010/06/24 5:30 p.m.32 views

CVE-2010-2224

The snapshot merging functionality in Red Hat Enterprise Virtualization Manager (aka RHEV-M) before 2.2 does not properly pass the postzero parameter during operations on deleted volumes, which allows guest OS users to obtain sensitive information by examining the disk blocks associated with a dele...

2.1CVSS6.1AI score0.00068EPSS