
CVE-2015-5201
https://notcve.org/view.php?id=CVE-2015-5201
25 Feb 2020 — VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors. VDSM y libvirt en Red Hat Enterprise Virtualization Hypervisor (también se conoce como RHEV-H) versiones 7-7.x anteriores a 7-7.2-20151119... • https://access.redhat.com/security/cve/cve-2015-5201 • CWE-306: Missing Authentication for Critical Function •

CVE-2009-3552 – GUI: Man in the middle attack possible on the GUI to Backend SSL connection
https://notcve.org/view.php?id=CVE-2009-3552
09 Nov 2019 — In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manager. An attacker on the local network could use this flaw to conduct a man-in-the-middle attack, tricking the user into thinking they are viewing the Red Hat Enterprise Virtualization Manager when the content is actually attacker-cont... • https://access.redhat.com/security/cve/cve-2009-3552 • CWE-295: Improper Certificate Validation •

CVE-2016-6310
https://notcve.org/view.php?id=CVE-2016-6310
22 Aug 2017 — oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0. oVirt Engine divulga ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD en un archivo /var/log/ovirt-engine/engine.log en RHEV en versiones anteriores a la 4.0. • http://www.securityfocus.com/bid/92345 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2013-6434 – rhev: remote-viewer spice tls-stripping issue
https://notcve.org/view.php?id=CVE-2013-6434
22 Jan 2014 — The remote-viewer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.3, when using a native SPICE client invocation method, initially makes insecure connections to the SPICE server, which allows man-in-the-middle attackers to spoof the SPICE server. El visor remoto en Red Hat Enterprise Virtualization Manager (RHEV-M) anteriores a 3.3, cuando se utiliza un método de invocación de clientes SPICE nativos, inicialmente hace conexiones inseguras al servidor SPICE, lo cual permite a atacantes man-in-... • http://rhn.redhat.com/errata/RHSA-2014-0038.html • CWE-264: Permissions, Privileges, and Access Controls CWE-300: Channel Accessible by Non-Endpoint •

CVE-2013-2144 – rhevm: insufficient target domain permission check when cloning a VM from a snapshot
https://notcve.org/view.php?id=CVE-2013-2144
11 Jun 2013 — Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not properly check permissions for the target storage domain, which allows attackers to cause a denial of service (disk space consumption) by cloning a VM from a snapshot. Red Hat Enterprise Virtualization Manager (RHEVM) anterior a 3.2, no maneja adecuadamente los permisos para el dominio de almacenamiento objetivo, lo que permite a atacantes provocar una denegación de servicio (consumo de espacio de disco) mediante el clonado de una máquina... • http://rhn.redhat.com/errata/RHSA-2013-0888.html • CWE-264: Permissions, Privileges, and Access Controls •

CVE-2012-6115 – rhev: rhevm-manage-domains logs admin passwords
https://notcve.org/view.php?id=CVE-2012-6115
12 Mar 2013 — The domain management tool (rhevm-manage-domains) in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier, when the validate action is enabled, logs the administrative password to a world-readable log file, which allows local users to obtain sensitive information by reading this file. La herramienta para la gestión de dominios (rhevm-manage-domains)Red Hat Enterprise Virtualization Manager (RHEV-M) v3.1 y anteriores, cuando la opción de validación está activada, registra la contraseña administ... • http://gerrit.ovirt.org/gitweb?p=ovirt-engine.git%3Ba=commit%3Bh=e8c72daec4efa8be0fcd8ea55c41e855ddd8eedf • CWE-255: Credentials Management Errors •

CVE-2013-0168 – rhev-m: insufficient MoveDisk target domain permission checks
https://notcve.org/view.php?id=CVE-2013-0168
12 Mar 2013 — The MoveDisk command in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier does not properly check permissions on storage domains, which allows remote authenticated storage admins to cause a denial of service (free space consumption of other storage domains) via unspecified vectors. El comando MoveDisk en Red Hat Enterprise Virtualization Manager (RHEV-M) v3.1 y anteriores, no valida adecuadamente los permisos en los dominios de almacenamiento, lo que permite a administradores de almacenamie... • http://rhn.redhat.com/errata/RHSA-2013-0211.html • CWE-264: Permissions, Privileges, and Access Controls •

CVE-2012-5516 – rhev-m: MoveDisk ignores the disk's wipe-after-delete property
https://notcve.org/view.php?id=CVE-2012-5516
04 Jan 2013 — Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and might allow local users to obtain sensitive information via unspecified vectors. Red Hat Enterprise Virtualization Manager (RHEV-M) anteriores a v3.1, cuando se mueven discos entre dominios de almacenamiento, no efectúa de forma adecuada la eliminación segura (wipe) después de borrar, lo que evita que un disco no s... • http://rhn.redhat.com/errata/RHSA-2012-1506.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2012-0860 – rhev: vds_installer insecure /tmp use
https://notcve.org/view.php?id=CVE-2012-0860
04 Jan 2013 — Multiple untrusted search path vulnerabilities in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when adding a host, allow local users to gain privileges via a Trojan horse (1) deployUtil.py or (2) vds_bootstrap.py Python module in /tmp/. Múltiples vulnerabilidades de path de búsqueda no confiable en Red Hat Enterprise Virtualization Manager (RHEV-M) anteriores a v3.1, cuando se añade un host, permite a usuario locales obtener privilegios a través de un fichero (1) deployUtil.py o (2) el mód... • http://rhn.redhat.com/errata/RHSA-2012-1506.html • CWE-377: Insecure Temporary File •

CVE-2012-0861 – rhev: vds_installer is prone to MITM when downloading 2nd stage installer
https://notcve.org/view.php?id=CVE-2012-0861
04 Jan 2013 — The vds_installer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when adding a host, uses the -k curl parameter when downloading deployUtil.py and vds_bootstrap.py, which prevents SSL certificates from being validated and allows remote attackers to execute arbitrary Python code via a man-in-the-middle attack. El vds_installer en Red Hat Enterprise Virtualization Manager (RHEV-M) anteriores a v3.1, cuando se añade un host, usa el parámetro "-k curl" cuando se descarga deployUtil.py y vds_b... • http://rhn.redhat.com/errata/RHSA-2012-1505.html • CWE-295: Improper Certificate Validation CWE-310: Cryptographic Issues •