Untriaged
Permalink
CVE-2024-7259
4.4 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): HIGH
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): NONE
- Availability impact (A): NONE
Ovirt-engine: potential exposure of cleartext provider passwords via web ui
A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext.
References
- RHBZ#2314229 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-7259 x_refsource_REDHAT vdb-entry
- https://access.redhat.com/security/cve/CVE-2024-7259 x_refsource_REDHAT vdb-entry
- RHBZ#2314229 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-7259 x_refsource_REDHAT vdb-entry
- RHBZ#2314229 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-7259 x_refsource_REDHAT vdb-entry
- RHBZ#2314229 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-7259 x_refsource_REDHAT vdb-entry
- RHBZ#2314229 issue-tracking x_refsource_REDHAT
Affected products
ovirt-engine
- <4.5.7
Matching in nixpkgs
pkgs.rubyPackages.ovirt-engine-sdk
None
-
nixos-unstable -
- nixpkgs-unstable 4.6.0
pkgs.rubyPackages_3_1.ovirt-engine-sdk
None
-
nixos-unstable -
- nixpkgs-unstable 4.6.0
pkgs.rubyPackages_3_2.ovirt-engine-sdk
None
-
nixos-unstable -
- nixpkgs-unstable 4.6.0
pkgs.rubyPackages_3_3.ovirt-engine-sdk
None
-
nixos-unstable -
- nixpkgs-unstable 4.6.0
pkgs.rubyPackages_3_4.ovirt-engine-sdk
None
-
nixos-unstable -
- nixpkgs-unstable 4.6.0