exploitDog

CVE-2015-0237

Опубликовано: 01 мая 2015

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain.

Ссылки

http://rhn.redhat.com/errata/RHSA-2015-0888.html
Vendor Advisory
http://www.securitytracker.com/id/1032231
http://rhn.redhat.com/errata/RHSA-2015-0888.html
Vendor Advisory
http://www.securitytracker.com/id/1032231

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:enterprise_virtualization_manager:*:*:*:*:*:*:*:*

Версия до 3.5.0 (включая)

EPSS

Процентиль: 61%

0.00418

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2015-0237

redhat

около 11 лет назад

Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain.

GHSA-w75w-f8r5-wc7w

github

больше 3 лет назад

Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain.

EPSS

Процентиль: 61%

0.00418

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-264