Vulnerabilities > Redhat > Enterprise Virtualization Manager > 3.1

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-24	CVE-2015-5293	Improper Access Control vulnerability in Redhat Enterprise Virtualization Manager Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote attackers to communicate with a system designated to be unreachable. network redhat CWE-284	4.3
2013-07-03	CVE-2013-2144	Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Virtualization Manager Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not properly check permissions for the target storage domain, which allows attackers to cause a denial of service (disk space consumption) by cloning a VM from a snapshot. network low complexity redhat CWE-264	5.0
2013-03-12	CVE-2013-0168	Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Virtualization Manager The MoveDisk command in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier does not properly check permissions on storage domains, which allows remote authenticated storage admins to cause a denial of service (free space consumption of other storage domains) via unspecified vectors. network low complexity redhat CWE-264	4.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.