Описание
The remote-viewer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.3, when using a native SPICE client invocation method, initially makes insecure connections to the SPICE server, which allows man-in-the-middle attackers to spoof the SPICE server.
The remote-viewer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.3, when using a native SPICE client invocation method, initially makes insecure connections to the SPICE server, which allows man-in-the-middle attackers to spoof the SPICE server.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2013-6434
- https://access.redhat.com/errata/RHSA-2014:0038
- https://access.redhat.com/security/cve/CVE-2013-6434
- https://bugzilla.redhat.com/show_bug.cgi?id=1039839
- http://rhn.redhat.com/errata/RHSA-2014-0038.html
- http://www.securityfocus.com/bid/65077
- http://www.securitytracker.com/id/1029653
EPSS
CVE ID
Связанные уязвимости
The remote-viewer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.3, when using a native SPICE client invocation method, initially makes insecure connections to the SPICE server, which allows man-in-the-middle attackers to spoof the SPICE server.
The remote-viewer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.3, when using a native SPICE client invocation method, initially makes insecure connections to the SPICE server, which allows man-in-the-middle attackers to spoof the SPICE server.
The remote-viewer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.3, when using a native SPICE client invocation method, initially makes insecure connections to the SPICE server, which allows man-in-the-middle attackers to spoof the SPICE server.
EPSS