Описание
Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
Ссылки
- Patch
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.4.0 (включая)
Одно из
cpe:2.3:a:ovirt:ovirt:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ovirt-engine:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ovirt-engine:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ovirt-engine:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ovirt-engine:3.3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ovirt-engine:3.3.2:rc1:*:*:*:*:*:*
cpe:2.3:a:redhat:ovirt-engine:3.3.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ovirt-engine:3.3.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ovirt-engine:3.3.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ovirt-engine:3.4.0:rc1:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00396
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
redhat
почти 12 лет назад
Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
github
больше 3 лет назад
Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
EPSS
Процентиль: 60%
0.00396
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other