Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0168

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2013-0168
Last Modified 19 Mar 2013 12:00:00
Published 12 Mar 2013 07:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2013-0168

Summary

The MoveDisk command in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier does not properly check permissions on storage domains, which allows remote authenticated storage admins to cause a denial of service (free space consumption of other storage domains) via unspecified vectors.

Vulnerable Systems

Application

  • Redhat Enterprise Virtualization Manager 2.1

  • Redhat Enterprise Virtualization Manager 2.2

  • Redhat Enterprise Virtualization Manager 2.2.3

  • Redhat Enterprise Virtualization Manager 3.0

  • Redhat Enterprise Virtualization Manager 3.1


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=893355

XF - entreprise-movedisk-dos(81834)

SECTRACK - 1028076

BID - 57750

REDHAT - RHSA-2013:0211


Last Updated: 27 May 2016 11:02:04