Medium severity5.3OSV Advisory· Published Jun 19, 2018· Updated Jun 17, 2026
CVE-2018-1073
CVE-2018-1073
Description
The web console login form in ovirt-engine before version 4.2.3 returned different errors for non-existent users and invalid passwords, allowing an attacker to discover the names of valid user accounts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: list, ovirt-engine-3.3-beta1, ovirt-engine-3.3_beta1, …
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/104189nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2018:1525nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.