oVirt 4.2.7.3

CPE Details

oVirt 4.2.7.3
ovirt
ovirt
4.2.7.3
2019-04-15
12h32 +00:00
2019-11-06
19h55 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:ovirt:ovirt:4.2.7.3:*:*:*:*:*:*:*

Informations

Vendor

ovirt

Product

ovirt

Version

4.2.7.3

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2019-10194 2019-07-11 16h33 +00:00 Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts.
5.5
Moyen
CVE-2019-3879 2019-03-25 17h30 +00:00 It was discovered that in the ovirt's REST API before version 4.3.2.1, RemoveDiskCommand is triggered as an internal command, meaning the permission validation that should be performed against the calling user is skipped. A user with low privileges (eg Basic Operations) could exploit this flaw to delete disks attached to guests.
8.1
Haute