CVE-2024-7259

Опубликовано: 26 сент. 2024

Источник: nvd

CVSS3: 4.4

CVSS3: 4.9

EPSS Низкий

Описание

A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext.

Ссылки

https://access.redhat.com/security/cve/CVE-2024-7259
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2314229
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:ovirt:ovirt-engine:*:*:*:*:*:*:*:*

Версия до 4.5.7 (исключая)

cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 17%

0.00054

Низкий

4.4 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-312

Связанные уязвимости

CVE-2024-7259

CVSS3: 4.4

redhat

11 месяцев назад

A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext.

GHSA-9gxg-3rjh-xv63

CVSS3: 4.4

github

11 месяцев назад

A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext.

ELSA-2024-12701

oracle-oval

11 месяцев назад

ELSA-2024-12701: ovirt-engine security update (MODERATE)

EPSS

Процентиль: 17%

0.00054

Низкий

4.4 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-312