Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.3
CVSSv3

CVE-2018-1073

Published: 19/06/2018 Updated: 08/12/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Ovirt-engine

Vulnerability Summary

The web console login form in ovirt-engine before version 4.2.3 returned different errors for non-existent users and invalid passwords, allowing an malicious user to discover the names of valid user accounts.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ovirt ovirt-engine

redhat virtualization 4.0

redhat virtualization_host 4.0

Vendor Advisories

Red Hat: Important: rhvm-appliance security and enhancement update
Synopsis Important: rhvm-appliance security and enhancement update Type/Severity Security Advisory: Important Topic An update for rhvm-appliance is now available for Red Hat Virtualization 4 for RHEL-7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerab ...
Red Hat: CVE-2018-1073
The ovirt-engine web console login form returned different errors for non-existent users and invalid passwords, allowing an attacker to discover the names of valid user accounts ...

References

CWE-200https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1073https://access.redhat.com/errata/RHSA-2018:1525http://www.securityfocus.com/bid/104189https://access.redhat.com/errata/RHSA-2018:1525https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2018-1073
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook