Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat enterprise virtualization manager 2.2.3 vulnerabilities and exploits
(subscribe to this query)
7.4
CVSSv3
CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange messages exists in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker woul...
Gnu Gnutls 3.6.8-11.el8 2
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Converged Systems Advisor Agent -
NA
CVE-2013-2144
Red Hat Enterprise Virtualization Manager (RHEVM) prior to 3.2 does not properly check permissions for the target storage domain, which allows malicious users to cause a denial of service (disk space consumption) by cloning a VM from a snapshot.
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager 2.1
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 3.0
Redhat Enterprise Virtualization Manager 2.2.3
NA
CVE-2012-6115
The domain management tool (rhevm-manage-domains) in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and previous versions, when the validate action is enabled, logs the administrative password to a world-readable log file, which allows local users to obtain sensitive info...
Redhat Enterprise Virtualization Manager 2.1
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager 3.0
NA
CVE-2013-0168
The MoveDisk command in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and previous versions does not properly check permissions on storage domains, which allows remote authenticated storage admins to cause a denial of service (free space consumption of other storage doma...
Redhat Enterprise Virtualization Manager 3.0
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager 2.1
NA
CVE-2012-0861
The vds_installer in Red Hat Enterprise Virtualization Manager (RHEV-M) prior to 3.1, when adding a host, uses the -k curl parameter when downloading deployUtil.py and vds_bootstrap.py, which prevents SSL certificates from being validated and allows remote malicious users to exec...
Redhat Enterprise Virtualization Manager 2.1
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager
NA
CVE-2012-2696
The backend in Red Hat Enterprise Virtualization Manager (RHEV-M) prior to 3.1 does not properly check privileges, which allows remote authenticated users to query arbitrary information via a (1) SOAP or (2) GWT request.
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager 2.1
NA
CVE-2011-4316
Red Hat Enterprise Virtualization Manager (RHEV-M) prior to 3.1, in certain unspecified conditions, does not lock the desktop screen between SPICE sessions, which allows local users with access to a virtual machine to gain access to other users' desktop sessions via unspecif...
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 2.1
NA
CVE-2012-0860
Multiple untrusted search path vulnerabilities in Red Hat Enterprise Virtualization Manager (RHEV-M) prior to 3.1, when adding a host, allow local users to gain privileges via a Trojan horse (1) deployUtil.py or (2) vds_bootstrap.py Python module in /tmp/.
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager 2.1
NA
CVE-2012-5516
Red Hat Enterprise Virtualization Manager (RHEV-M) prior to 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and might allow local users to obtain sensitive information via unspecified vectors.
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager 2.2.4
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager 2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started