ID CVE-2015-1841
Summary The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*
CVSS
Base: 3.7 (as of 09-09-2015 - 18:32)
Impact:
Exploitability:
CWE CWE-17
CAPEC
Access
VectorComplexityAuthentication
LOCAL HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:H/Au:N/C:P/I:P/A:P
redhat via4
advisories
rhsa
id RHSA-2015:1713
rpms
  • rhev-hypervisor6-0:6.7-20150828.0.el6ev
  • rhev-hypervisor7-0:7.1-20150827.1.el6ev
  • rhev-hypervisor7-0:7.1-20150827.1.el7ev
refmap via4
sectrack 1033459
Last major update 09-09-2015 - 18:32
Published 08-09-2015 - 15:59
Last modified 09-09-2015 - 18:32
Back to Top