Unrated severityOSV Advisory· Published Sep 26, 2024· Updated Jan 8, 2026

Ovirt-engine: potential exposure of cleartext provider passwords via web ui

CVE-2024-7259

Description

A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext.

Affected products

Ovirt/Ovirt EngineOSV
Range: list, ovirt-engine-3.3-beta1, ovirt-engine-3.3_beta1, …
Ovirt/Ovirtllm-fuzzy

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/security/cve/CVE-2024-7259mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000