Ovirt · Ovirt Engine · CVE-2014-0151
**Name of the Vulnerable Software and Affected Versions**
oVirt Engine versions prior to 3.5.0 beta2
**Description**
A cross-site request forgery (CSRF) issue allows remote attackers to hijack user authentication for requests that perform unspecified actions via a REST API request.
**Recommendations**
For versions prior to 3.5.0 beta2, update to version 3.5.0 beta2 or later to resolve the issue.