CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0822 – Ovirt: authentication bypass
https://notcve.org/view.php?id=CVE-2024-0822
25 Jan 2024 — An authentication bypass vulnerability was found in overt-engine. This flaw allows the creation of users in the system without authentication due to a flaw in the CreateUserSession command. Se encontró una vulnerabilidad de omisión de autenticación en overt-engine. Este fallo permite la creación de usuarios en el sistema sin autenticación debido a un fallo en el comando CreateUserSession. An update is now available for Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8, Red Hat Virtualization 4 f... • https://access.redhat.com/errata/RHSA-2024:0934 • CWE-287: Improper Authentication CWE-1390: Weak Authentication •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3193
https://notcve.org/view.php?id=CVE-2022-3193
28 Sep 2022 — An HTML injection/reflected Cross-site scripting (XSS) vulnerability was found in the ovirt-engine. A parameter "error_description" fails to sanitize the entry, allowing the vulnerability to trigger on the Windows Service Accounts home pages. Se encontró una vulnerabilidad de inyección de HTML/reflejado de tipo Cross-site scripting (XSS) en el motor ovirt. Un parámetro "error_description" no sanea la entrada, lo que permite que la vulnerabilidad sea desencadenada en las páginas de inicio de las cuentas de s... • https://bugzilla.redhat.com/show_bug.cgi?id=2126353 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 83%CPEs: 59EXPL: 106CVE-2022-0847 – Linux Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-0847
07 Mar 2022 — A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. Se ha encontrado un fallo en la forma en que el miembro "flags" de la estructura del nuevo búfer de la tubería carecía de la inic... • https://packetstorm.news/files/id/176534 • CWE-665: Improper Initialization CWE-909: Missing Initialization of Resource •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-35497 – ovirt-engine: non-admin user is able to access other users public SSH key
https://notcve.org/view.php?id=CVE-2020-35497
21 Dec 2020 — A flaw was found in ovirt-engine 4.4.3 and earlier allowing an authenticated user to read other users' personal information, including name, email and public SSH key. Se encontró un fallo en ovirt-engine versiones 4.4.3 y anteriores permitiendo a un usuario autenticado leer la información personal de otros usuarios, incluyendo el nombre, el correo electrónico y la clave SSH pública A flaw was found in ovirt-engine 4.4.3 and earlier. This flaw allows an authenticated user to read other users' personal inform... • https://bugzilla.redhat.com/show_bug.cgi?id=1908755 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14333 – ovirt-engine: Reflected cross site scripting vulnerability
https://notcve.org/view.php?id=CVE-2020-14333
18 Aug 2020 — A flaw was found in Ovirt Engine's web interface in ovirt 4.4 and earlier, where it did not filter user-controllable parameters completely, resulting in a reflected cross-site scripting attack. This flaw allows an attacker to leverage a phishing attack, steal an unsuspecting user's cookies or other confidential information, or impersonate them within the application's context. Se detectó un fallo en la interfaz web de Ovirt Engine en ovirt versiones 4.4 y anteriores, donde no filtraba los parámetros control... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14333 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-19336 – ovirt-engine: response_type parameter allows reflected XSS
https://notcve.org/view.php?id=CVE-2019-19336
14 Feb 2020 — A cross-site scripting vulnerability was reported in the oVirt-engine's OAuth authorization endpoint before version 4.3.8. URL parameters were included in the HTML response without escaping. This flaw would allow an attacker to craft malicious HTML pages that can run scripts in the context of the user's oVirt session. Se reportó una vulnerabilidad de tipo cross-site scripting en el endpoint de autorización OAuth de oVirt-engine versiones anteriores a 4.3.8. Los parámetros URL fueron incluidos en la respuest... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19336 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2014-0161
https://notcve.org/view.php?id=CVE-2014-0161
02 Jan 2020 — ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the Common Name (CN) or subjectAltName as specified by its x.509 certificate in a TLS/SSL session. This could allow man-in-the-middle attackers to spoof remote endpoints via an arbitrary valid certificate. ovirt-engine-sdk-python versiones anteriores a la versión 3.4.0.7 y 3.5.0.4, no comprueba que el nombre de host del endpoint remoto coincida con el Common Name (CN) o subjectAltName según lo... • https://access.redhat.com/security/cve/cve-2014-0161 • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-4367
https://notcve.org/view.php?id=CVE-2013-4367
01 Nov 2019 — ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod() works when passed a mode of '-1'. ovirt-engine versión 3.2, ejecutado sobre el kernel de Linux versiones 3.1 y posteriores, crea determinados archivos de tipo world-writeable debido a un cambio de kernel ascendente que impactó cómo opera la función os.chmod() de python cuando pasó a un modo de "-1". • https://access.redhat.com/security/cve/cve-2013-4367 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-10194 – ovirt-engine-metrics: disclosure of sensitive passwords in log files and ansible playbooks
https://notcve.org/view.php?id=CVE-2019-10194
11 Jul 2019 — Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts. Contraseñas confidenciales utilizadas en la implementación y configuración de oVirt Metrics, todas las versiones. Se detectó que no estaban suficientemente protegidas. Las contraseñas se pueden revelar en archivos de registro (si los playbooks se ejecutan... • http://www.securityfocus.com/bid/109140 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10139 – cockpit-ovirt: admin and appliance passwords saved in plain text variable file during HE deployment
https://notcve.org/view.php?id=CVE-2019-10139
17 May 2019 — During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file `/var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var` which contains the admin and the appliance passwords as plain-text. At the of the deployment procedure, these files are deleted. Durante la implementación de HE a través de cockpit-ovirt, cockpit-ovirt genera un archivo variable ansible `/ var / lib / ovirt-hosts-configuración-cockpit / ansibleVarFileXXXXXX.var` que contiene las contraseñas del admini... • http://www.securityfocus.com/bid/108396 • CWE-311: Missing Encryption of Sensitive Data CWE-522: Insufficiently Protected Credentials •