VYPR
High severity7.7NVD Advisory· Published Apr 26, 2018· Updated Jun 17, 2026

CVE-2018-1074

CVE-2018-1074

Description

ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management systems of hosts they control.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: <4.2.2.5, <4.1.11.2
  • unspecified/ovirt-enginev5
    Range: ovirt-engine 4.2.2.5

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.