Unrated severityNVD Advisory· Published Sep 8, 2014· Updated Jun 17, 2026
CVE-2014-0152
CVE-2014-0152
Description
Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
Affected products
11cpe:2.3:a:redhat:ovirt-engine:3.0.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:redhat:ovirt-engine:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ovirt-engine:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ovirt-engine:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ovirt-engine:3.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ovirt-engine:3.3.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:redhat:ovirt-engine:3.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ovirt-engine:3.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ovirt-engine:3.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ovirt-engine:3.4.0:rc1:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
2- gerrit.ovirt.orgnvdPatch
- www.ovirt.org/Security_advisoriesnvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.