VYPR

Vendor CVEs

Ovirt

All CVEs

35 total · sorted by risk
  • CVE-2014-8170HigSep 26, 2017
    risk 0.57cvss 8.8epss 0.04

    ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to…

  • CVE-2018-1000018HigJan 24, 2018
    risk 0.51cvss 7.8epss 0.00

    An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's password in the log file.

  • CVE-2014-7851HigOct 16, 2017
    risk 0.49cvss 7.5epss 0.01

    oVirt 3.2.2 through 3.5.0 does not invalidate the restapi session after logout from the webadmin, which allows remote authenticated users with knowledge of another user's session data to gain that user's privileges by replacing their session token with that of another user.

  • CVE-2016-6338MedApr 20, 2017
    risk 0.44cvss 6.8epss 0.01

    ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries.

  • CVE-2018-10908MedAug 9, 2018
    risk 0.42cvss 6.5epss 0.01

    It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service…

  • CVE-2016-3077MedJun 6, 2017
    risk 0.42cvss 6.5epss 0.01

    The VersionMapper.fromKernelVersionString method in oVirt Engine allows remote authenticated users to cause a denial of service (process crash) for all VMs.

  • CVE-2016-3113MedAug 7, 2017
    risk 0.40cvss 6.1epss 0.03

    Cross-site scripting (XSS) vulnerability in ovirt-engine allows remote attackers to inject arbitrary web script or HTML.

  • CVE-2014-3706MedOct 18, 2017
    risk 0.38cvss 5.9epss 0.01

    ovirt-engine, as used in Red Hat MRG 3, allows man-in-the-middle attackers to spoof servers by leveraging failure to verify key attributes in vdsm X.509 certificates.

  • CVE-2016-6310MedAug 22, 2017
    risk 0.36cvss 5.5epss 0.00

    oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0.

  • CVE-2016-6341MedApr 20, 2017
    risk 0.36cvss 5.5epss 0.00

    oVirt Engine before 4.0.3 does not include DWH_DB_PASSWORD in the list of keys to hide in log files, which allows local users to obtain sensitive password information by reading engine log files.

  • CVE-2018-1073MedJun 19, 2018
    risk 0.35cvss 5.3epss 0.02

    The web console login form in ovirt-engine before version 4.2.3 returned different errors for non-existent users and invalid passwords, allowing an attacker to discover the names of valid user accounts.

  • CVE-2018-1062MedMar 6, 2018
    risk 0.35cvss 5.3epss 0.01

    A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disks managed by oVirt, could cause a disk to be incompletely zeroed when removed from a VM. If the same storage blocks happen to be later…

  • CVE-2018-1072MedJun 26, 2018
    risk 0.33cvss 5.0epss 0.01

    ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log files. When engine-backup was run with one of the options "--provision*db", the database username and password were logged in cleartext. Sharing the provisioning log might inadvertently…

  • CVE-2018-1117MedJun 20, 2018
    risk 0.33cvss 5.0epss 0.01

    ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with…

  • CVE-2018-1075MedJun 12, 2018
    risk 0.33cvss 5.0epss 0.00

    ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered password when choosing manual db provisioning. When engine-setup was run and one chooses to provision the database manually or connect to a remote database, the password input was logged in cleartext during the…

  • CVE-2018-1000095MedMar 13, 2018
    risk 0.31cvss 4.8epss 0.01

    oVirt version 4.2.0 to 4.2.2 contains a Cross Site Scripting (XSS) vulnerability in the name/description of VMs portion of the web admin application. This vulnerability appears to have been fixed in version 4.2.3.

  • CVE-2016-5432LowOct 3, 2016
    risk 0.21cvss 3.3epss 0.00

    The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.

  • CVE-2024-7259Sep 26, 2024
    risk 0.00cvss epss 0.00

    A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext.

  • CVE-2022-2805Oct 19, 2022
    risk 0.00cvss epss 0.00

    A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.

  • CVE-2022-3193Sep 28, 2022
    risk 0.00cvss epss 0.00

    An HTML injection/reflected Cross-site scripting (XSS) vulnerability was found in the ovirt-engine. A parameter "error_description" fails to sanitize the entry, allowing the vulnerability to trigger on the Windows Service Accounts home pages.

  • CVE-2022-0207Aug 26, 2022
    risk 0.00cvss epss 0.00

    A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text.

  • CVE-2020-14333Aug 18, 2020
    risk 0.00cvss epss 0.01

    A flaw was found in Ovirt Engine's web interface in ovirt 4.4 and earlier, where it did not filter user-controllable parameters completely, resulting in a reflected cross-site scripting attack. This flaw allows an attacker to leverage a phishing attack, steal an unsuspecting…

  • CVE-2013-0293Dec 10, 2019
    risk 0.00cvss epss 0.00

    oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation

  • CVE-2015-1780Nov 22, 2019
    risk 0.00cvss epss 0.01

    oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center

  • CVE-2014-8167Nov 13, 2019
    risk 0.00cvss epss 0.01

    vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack

  • CVE-2013-4367Nov 1, 2019
    risk 0.00cvss epss 0.00

    ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod() works when passed a mode of '-1'.

  • CVE-2017-7510Mar 25, 2019
    risk 0.00cvss epss 0.01

    In ovirt-engine 4.1, if a host was provisioned with cloud-init, the root password could be revealed through the REST interface.

  • CVE-2019-3831Mar 25, 2019
    risk 0.00cvss epss 0.01

    A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.

  • CVE-2014-0154Feb 13, 2015
    risk 0.00cvss epss 0.02

    oVirt Engine before 3.5.0 does not include the HTTPOnly flag in a Set-Cookie header for the session IDs, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

  • CVE-2014-0153Sep 8, 2014
    risk 0.00cvss epss 0.01

    The REST API in oVirt 3.4.0 and earlier stores session IDs in HTML5 local storage, which allows remote attackers to obtain sensitive information via a crafted web page.

  • CVE-2014-0152Sep 8, 2014
    risk 0.00cvss epss 0.02

    Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors.

  • CVE-2014-3559Aug 6, 2014
    risk 0.00cvss epss 0.01

    The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the…

  • CVE-2013-4181Sep 16, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers to inject arbitrary web script…

  • CVE-2012-5638Dec 20, 2012
    risk 0.00cvss epss 0.00

    The setup_logging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations.

  • CVE-2012-3533Aug 31, 2012
    risk 0.00cvss epss 0.01

    The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack.