Vulnerabilities > Redhat > Enterprise Virtualization > 3.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-25 | CVE-2015-5201 | Missing Authentication for Critical Function vulnerability in Redhat products VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors. | 7.5 |
2017-08-22 | CVE-2016-6310 | Information Exposure vulnerability in Redhat Enterprise Virtualization oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0. | 2.1 |
2014-01-21 | CVE-2013-2152 | Local Privilege Escalation vulnerability in Redhat Enterprise Virtualization 3.2 Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder. | 7.2 |
2013-08-28 | CVE-2013-2176 | Resource Management Errors vulnerability in Redhat Enterprise Virtualization 3.0/3.2 Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application. | 7.2 |
2013-08-19 | CVE-2013-0167 | Denial of Service vulnerability in Red Hat Enterprise Virtualization Hypervisor VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via guestInfo dictionaries with "unexpected fields." low complexity redhat | 2.7 |