Medium severity6.8NVD Advisory· Published Apr 20, 2017· Updated May 13, 2026

CVE-2016-6338

Description

ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugzilla.redhat.com/show_bug.cginvdExploitIssue Tracking
www.securityfocus.com/bid/92666nvdThird Party AdvisoryVDB Entry
access.redhat.com/errata/RHSA-2017:3427nvd

News mentions

No linked articles in our index yet.

cvss	0.442
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000