PT-2013-2144 · Red Hat · Red Hat Enterprise Virtualization Manager
Ondrej Machacek
·
Publicado
2013-03-12
·
Atualizado
2017-08-29
·
CVE-2013-0168
CVSS v2.0
4.0
Média
| Vetor | AV:N/AC:L/Au:S/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Red Hat Enterprise Virtualization Manager (RHEV-M) versions 3.1 and earlier
Description
The issue is related to the MoveDisk command, which does not properly check permissions on storage domains. This allows remote authenticated storage admins to cause a denial of service by consuming free space of other storage domains.
Recommendations
For versions 3.1 and earlier, consider restricting access to the MoveDisk command to prevent unauthorized use until a fix is available.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Red Hat Enterprise Virtualization Manager