Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2015-0888.html | Vendor Advisory |
http://www.securitytracker.com/id/1032231 |
Configurations
Information
Published : 2015-05-01 08:59
Updated : 2023-02-12 15:15
NVD link : CVE-2015-0237
Mitre link : CVE-2015-0237
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
redhat
- enterprise_virtualization_manager