Vulnerabilities > Redhat > Enterprise Virtualization Manager > 3.4

DATE	CVE	VULNERABILITY TITLE	RISK
2017-09-25	CVE-2015-7544	Injection vulnerability in Redhat Enterprise Virtualization Manager 3.4/3.4.1/3.5.0 redhat-support-plugin-rhev in Red Hat Enterprise Virtualization Manager (aka RHEV Manager) before 3.6 allows remote authenticated users with the SuperUser role on any Entity to execute arbitrary commands on any host in the RHEV environment. network low complexity redhat CWE-74 critical	9.1
2017-08-24	CVE-2015-5293	Improper Access Control vulnerability in Redhat Enterprise Virtualization Manager Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote attackers to communicate with a system designated to be unreachable. network high complexity redhat CWE-284	5.9

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.