Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:redhat:ovirt-engine:-:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-10775 |
An Open redirect vulnerability was found in ovirt-engine versions 4.4 and earlier, where it allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks. Once the target has opened the malicious URL in their browser, the critical part of the URL is no longer visible. The highest threat from this vulnerability is on confidentiality. Published: August 24, 2020; 1:15:10 PM -0400 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 2.6 LOW |
CVE-2015-1780 |
oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center Published: November 22, 2019; 10:15:10 AM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2016-3113 |
Cross-site scripting (XSS) vulnerability in ovirt-engine allows remote attackers to inject arbitrary web script or HTML. Published: August 07, 2017; 4:29:01 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-3077 |
The VersionMapper.fromKernelVersionString method in oVirt Engine allows remote authenticated users to cause a denial of service (process crash) for all VMs. Published: June 06, 2017; 2:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.0 MEDIUM |