ovirt-engine API and administration web portal prior to 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management systems of hosts they control.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ovirt ovirt |
||
redhat enterprise virtualization 4.0 |