oVirt Engine CVE-2014-3559 Information Disclosure Vulnerability
BID:69174
Info
oVirt Engine CVE-2014-3559 Information Disclosure Vulnerability
| Bugtraq ID: | 69174 |
| Class: | Design Error |
| CVE: |
CVE-2014-3559 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 04 2014 12:00AM |
| Updated: | Aug 04 2014 12:00AM |
| Credit: | Idan Shaby and Allon Mureinik of Red Hat. |
| Vulnerable: |
Redhat Enterprise Virtualization 3.4 oVirt Engine 0 |
| Not Vulnerable: | |
Discussion
oVirt Engine CVE-2014-3559 Information Disclosure Vulnerability
oVirt Engine is prone to an information-disclosure vulnerability.
An attacker can exploit this issue to obtain sensitive information. Successful exploits may lead to other attacks.
oVirt Engine is prone to an information-disclosure vulnerability.
An attacker can exploit this issue to obtain sensitive information. Successful exploits may lead to other attacks.
Exploit / POC
oVirt Engine CVE-2014-3559 Information Disclosure Vulnerability
An attacker may use readily available tools to exploit this issue.
An attacker may use readily available tools to exploit this issue.
References
oVirt Engine CVE-2014-3559 Information Disclosure Vulnerability
References:
References:
- Red Hat Enterprise Virtualization Manager Homepage (Red Hat)
- Moderate: rhevm security update (Red Hat)