Redhat » Enterprise Virtualization : Security Vulnerabilities, CVEs, Published In 2017
ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries.
Max CVSS
6.8
EPSS Score
0.20%
Published
2017-04-20
Updated
2023-02-12
oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-08-22
Updated
2017-08-30
2 vulnerabilities found