RHEV Manager
by Red Hat
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-4443 | Med | 0.36 | 5.5 | 0.00 | Dec 14, 2016 | Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file. | ||
| CVE-2015-0257 | 0.00 | — | 0.00 | May 1, 2015 | Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory. | |||
| CVE-2015-0237 | 0.00 | — | 0.02 | May 1, 2015 | Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot… | |||
| CVE-2010-2793 | 0.00 | — | 0.01 | Dec 8, 2010 | Race condition in the SPICE (aka spice-activex) plug-in for Internet Explorer in Red Hat Enterprise Virtualization (RHEV) Manager before 2.2.4 allows local users to create a certain named pipe, and consequently gain privileges, via vectors involving knowledge of the name of this… |
- risk 0.36cvss 5.5epss 0.00
Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file.
- CVE-2015-0257May 1, 2015risk 0.00cvss —epss 0.00
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.
- CVE-2015-0237May 1, 2015risk 0.00cvss —epss 0.02
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot…
- CVE-2010-2793Dec 8, 2010risk 0.00cvss —epss 0.01
Race condition in the SPICE (aka spice-activex) plug-in for Internet Explorer in Red Hat Enterprise Virtualization (RHEV) Manager before 2.2.4 allows local users to create a certain named pipe, and consequently gain privileges, via vectors involving knowledge of the name of this…