CVE-2013-2144

Published: Jul 3, 2013Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not properly check permissions for the target storage domain, which allows attackers to cause a denial of service (disk space consumption) by cloning a VM from a snapshot.

Affected (5)

Products: Redhat: Enterprise Virtualization Manager

Redhat

1 product

Enterprise Virtualization Manager

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Virtualization Manager	Up to 3.1
Redhat Enterprise Virtualization Manager	Version 2.1
Redhat Enterprise Virtualization Manager	Version 2.2.3
Redhat Enterprise Virtualization Manager	Version 2.2
Redhat Enterprise Virtualization Manager	Version 3.0

Related CWEs

CWE-264

References (2)

http://rhn.redhat.com/errata/RHSA-2013-0888.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0888.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.