Vulnerability in Ovirt
CVE-2014-0152
Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
EPSS: 0.004 (60.8th percentile) — read the EPSS interpretation.
Affected products
- Ovirt
- Redhat Ovirt-engine — versions 3.0.0, 3.1.0, 3.2.0
- N/a — versions n/a
References
- secalert@redhat.com (x_refsource_CONFIRM, Patch)
- secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)