CVE-2024-7259 – oVirt-engine: potential exposure of cleartext provider passwords via web UI
https://notcve.org/view.php?id=CVE-2024-7259
26 Sep 2024 — A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext. • https://access.redhat.com/security/cve/CVE-2024-7259 • CWE-312: Cleartext Storage of Sensitive Information
CVE-2023-3758 – Sssd: race condition during authorization leads to GPO policies functioning inconsistently
https://notcve.org/view.php?id=CVE-2023-3758
18 Apr 2024 — A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately. • https://access.redhat.com/errata/RHSA-2024:1919 • CWE-285: Improper Authorization • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')