CVE-2013-2144

Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not properly check permissions for the target storage domain, which allows attackers to cause a denial of service (disk space consumption) by cloning a VM from a snapshot.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:enterprise_virtualization_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:enterprise_virtualization_manager:2.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:enterprise_virtualization_manager:2.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:enterprise_virtualization_manager:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:enterprise_virtualization_manager:3.0:*:*:*:*:*:*:*

History

21 Nov 2024, 01:51

Type Values Removed Values Added
References () http://rhn.redhat.com/errata/RHSA-2013-0888.html - Vendor Advisory () http://rhn.redhat.com/errata/RHSA-2013-0888.html - Vendor Advisory

Information

Published : 2013-07-03 18:55

Updated : 2024-11-21 01:51


NVD link : CVE-2013-2144

Mitre link : CVE-2013-2144

CVE.ORG link : CVE-2013-2144


JSON object : View

Products Affected

redhat

  • enterprise_virtualization_manager
CWE
CWE-264

Permissions, Privileges, and Access Controls