CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0237 – vdsm: Users attempting a live storage migration create snapshot without snapshot creation permissions
https://notcve.org/view.php?id=CVE-2015-0237
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain. Red Hat Enterprise Virtualization (RHEV) Manager anterior a 3.5.1 ignora el permiso para denegar la creación de instantáneas durante la migración del almacenaje en vivo entre dominios, lo que permite a usuarios remotos autenticados causar una denegación de servicio (impedir el inicio del anfitrión) mediante la creación de una cadena larga de instantáneas. It was discovered that the permissions to allow or deny snapshot creation were ignored during live storage migration of a VM's disk between storage domains. An attacker able to live migrate a disk between storage domains could use this flaw to cause a denial of service. • http://rhn.redhat.com/errata/RHSA-2015-0888.html http://www.securitytracker.com/id/1032231 https://access.redhat.com/security/cve/CVE-2015-0237 https://bugzilla.redhat.com/show_bug.cgi?id=1184716 • CWE-264: Permissions, Privileges, and Access Controls CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3573 – Engine: XML eXternal Entity (XXE) flaw in backend module
https://notcve.org/view.php?id=CVE-2014-3573
The oVirt Engine backend module, as used in Red Hat Enterprise Virtualization Manager before 3.4.2, uses an "insecure DocumentBuilderFactory," which allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted XML/RSDL document, related to an XML External Entity (XXE) issue. El módulo de backend oVirt Engine, como el utilizado en Red Hat Enterprise Virtualization Manager anterior a 3.4.2, utiliza una 'DocumentBuilderFactory insegura', lo que permite a atacantes remotos leer archivos arbitrarios o, posiblemente, tener otro impacto sin especificar a través de un documento XML/RSDL manipulado, relacionado con un problema de tipo XML External Entity (XXE). It was discovered that, when loading XML/RSDL documents, the oVirt Engine back end module used an insecure DocumentBuilderFactory. A remote, authenticated attacker could use this flaw to read files accessible to the user running the ovirt-engine server, and potentially perform other more advanced XML External Entity (XXE) attacks. • http://rhn.redhat.com/errata/RHSA-2014-1161.html http://www.securitytracker.com/id/1030807 https://access.redhat.com/security/cve/CVE-2014-3573 https://bugzilla.redhat.com/show_bug.cgi?id=1125795 • CWE-20: Improper Input Validation CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2013-6434 – rhev: remote-viewer spice tls-stripping issue
https://notcve.org/view.php?id=CVE-2013-6434
The remote-viewer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.3, when using a native SPICE client invocation method, initially makes insecure connections to the SPICE server, which allows man-in-the-middle attackers to spoof the SPICE server. El visor remoto en Red Hat Enterprise Virtualization Manager (RHEV-M) anteriores a 3.3, cuando se utiliza un método de invocación de clientes SPICE nativos, inicialmente hace conexiones inseguras al servidor SPICE, lo cual permite a atacantes man-in-the-middle suplantar al servidor SPICE. • http://rhn.redhat.com/errata/RHSA-2014-0038.html http://www.securityfocus.com/bid/65077 http://www.securitytracker.com/id/1029653 https://access.redhat.com/security/cve/CVE-2013-6434 https://bugzilla.redhat.com/show_bug.cgi?id=1039839 • CWE-264: Permissions, Privileges, and Access Controls CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2013-2144 – rhevm: insufficient target domain permission check when cloning a VM from a snapshot
https://notcve.org/view.php?id=CVE-2013-2144
Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not properly check permissions for the target storage domain, which allows attackers to cause a denial of service (disk space consumption) by cloning a VM from a snapshot. Red Hat Enterprise Virtualization Manager (RHEVM) anterior a 3.2, no maneja adecuadamente los permisos para el dominio de almacenamiento objetivo, lo que permite a atacantes provocar una denegación de servicio (consumo de espacio de disco) mediante el clonado de una máquina virtual desde un SnapShot. • http://rhn.redhat.com/errata/RHSA-2013-0888.html https://access.redhat.com/security/cve/CVE-2013-2144 https://bugzilla.redhat.com/show_bug.cgi?id=971058 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.0EPSS: 0%CPEs: 5EXPL: 0CVE-2013-0168 – rhev-m: insufficient MoveDisk target domain permission checks
https://notcve.org/view.php?id=CVE-2013-0168
The MoveDisk command in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier does not properly check permissions on storage domains, which allows remote authenticated storage admins to cause a denial of service (free space consumption of other storage domains) via unspecified vectors. El comando MoveDisk en Red Hat Enterprise Virtualization Manager (RHEV-M) v3.1 y anteriores, no valida adecuadamente los permisos en los dominios de almacenamiento, lo que permite a administradores de almacenamiento autenticados remotamente provocar una denegación de servicio (agotamiento del espacio libre sobre otros dominios de almacenamiento) a través de vectores no especificados. • http://rhn.redhat.com/errata/RHSA-2013-0211.html http://www.securityfocus.com/bid/57750 http://www.securitytracker.com/id/1028076 https://bugzilla.redhat.com/show_bug.cgi?id=893355 https://exchange.xforce.ibmcloud.com/vulnerabilities/81834 https://access.redhat.com/security/cve/CVE-2013-0168 • CWE-264: Permissions, Privileges, and Access Controls •