Published: 04/01/2013 Updated: 29/08/2017

CVSS v2 Base Score: 2.7 | Impact Score: 2.9 | Exploitability Score: 5.1

VMScore: 240

Vector: AV:A/AC:L/Au:S/C:P/I:N/A:N

The backend in Red Hat Enterprise Virtualization Manager (RHEV-M) prior to 3.1 does not properly check privileges, which allows remote authenticated users to query arbitrary information via a (1) SOAP or (2) GWT request.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat enterprise virtualization manager
redhat enterprise virtualization manager 2.2.3
redhat enterprise virtualization manager 2.2
redhat enterprise virtualization manager 2.1

Synopsis Important: Red Hat Enterprise Virtualization Manager 31 Type/Severity Security Advisory: Important Topic Red Hat Enterprise Virtualization Manager 31 is now availableThe Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulnerability Scoring System ( ...

CWE-264 http://rhn.redhat.com/errata/RHSA-2012-1506.html http://www.securityfocus.com/bid/56825 http://www.securitytracker.com/id?1027838 https://exchange.xforce.ibmcloud.com/vulnerabilities/80545 https://access.redhat.com/errata/RHSA-2012:1506 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-2696

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect