Skip to main content

Ovirt CVE-2014-7851

HIGH
Permissions, Privileges, and Access Controls (CWE-264)
2017-10-16 secalert@redhat.com
7.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Oct 16, 2017 - 15:29 cve.org
HIGH 7.5

DescriptionCVE.org

oVirt 3.2.2 through 3.5.0 does not invalidate the restapi session after logout from the webadmin, which allows remote authenticated users with knowledge of another user's session data to gain that user's privileges by replacing their session token with that of another user.

AnalysisAI

oVirt 3.2.2 through 3.5.0 does not invalidate the restapi session after logout from the webadmin, which allows remote authenticated users with knowledge of another user's session data to gain that. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-264. oVirt 3.2.2 through 3.5.0 does not invalidate the restapi session after logout from the webadmin, which allows remote authenticated users with knowledge of another user's session data to gain that user's privileges by replacing their session token with that of another user. Affected products include: Ovirt, Redhat Ovirt-Engine. Version information: through 3.5.0.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Ovirt

View all
CVE-2018-1072 CRITICAL
9.8 Jun 26

ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log files. Rated critical sever

CVE-2019-3879 HIGH
8.1 Mar 25

It was discovered that in the ovirt's REST API before version 4.3.2.1, RemoveDiskCommand is triggered as an internal com

CVE-2018-1075 HIGH
7.8 Jun 12

ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered password when choosing manual db provisioning. Rated hig

CVE-2018-1074 HIGH
7.2 Apr 26

ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power M

CVE-2014-0152 MEDIUM
6.8 Sep 08

Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack w

CVE-2016-6341 MEDIUM
5.5 Apr 20

oVirt Engine before 4.0.3 does not include DWH_DB_PASSWORD in the list of keys to hide in log files, which allows local

CVE-2019-10194 MEDIUM
5.5 Jul 11

Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. Rated medium severity (CVSS 5.5

CVE-2012-3533 MEDIUM
5.0 Aug 31

The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the

CVE-2014-0154 MEDIUM
5.0 Feb 13

oVirt Engine before 3.5.0 does not include the HTTPOnly flag in a Set-Cookie header for the session IDs, which makes it

CVE-2014-0153 MEDIUM
4.3 Sep 08

The REST API in oVirt 3.4.0 and earlier stores session IDs in HTML5 local storage, which allows remote attackers to obta

Share

CVE-2014-7851 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy