High severity7.7NVD Advisory· Published Apr 26, 2018· Updated Jun 17, 2026
CVE-2018-1074
CVE-2018-1074
Description
ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management systems of hosts they control.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <4.2.2.5, <4.1.11.2
- unspecified/ovirt-enginev5Range: ovirt-engine 4.2.2.5
Patches
Vulnerability mechanics
References
2- access.redhat.com/errata/RHBA-2018:1219nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.