Daniel Erez

**Name of the Vulnerable Software and Affected Versions** oVirt (affected versions not specified) **Description** The issue allows oVirt users with MANIPULATE STORAGE DOMAIN permissions to attach a storage domain to any data-center. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Red Hat Enterprise Virtualization Manager (RHEVM) versions prior to 3.2 **Description** The issue allows attackers to cause a denial of service by consuming disk space through cloning a VM from a snapshot, due to improper permission checks for the target storage domain. **Recommendations** For versions prior to 3.2, update to version 3.2 or later to resolve the issue.