Vulnerabilities > Redhat > Ovirt Engine > 4.1.0

DATE CVE VULNERABILITY TITLE RISK
2020-08-24 CVE-2020-10775 Open Redirect vulnerability in multiple products
An Open redirect vulnerability was found in ovirt-engine versions 4.4 and earlier, where it allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks.
network
high complexity
oracle redhat CWE-601
5.3
5.3
2019-03-25 CVE-2017-7510 Information Exposure vulnerability in Redhat Ovirt-Engine 4.1.0
In ovirt-engine 4.1, if a host was provisioned with cloud-init, the root password could be revealed through the REST interface.
network
low complexity
redhat CWE-200
8.8
8.8
2018-03-06 CVE-2018-1062 Improper Cross-boundary Removal of Sensitive Data vulnerability in Redhat Ovirt-Engine
A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disks managed by oVirt, could cause a disk to be incompletely zeroed when removed from a VM.
network
redhat CWE-212
3.5
3.5