CVE-2015-0237

Published: May 1, 2015Modified: May 6, 2026

6.8

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Exploitability: 8.0 / Impact: 6.9

Source: NVD

Description

Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain.

Affected (1)

Products: Redhat: Enterprise Virtualization Manager

1 product

Enterprise Virtualization Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Virtualization Manager	Up to 3.5.0

Related CWEs

References (4)

http://rhn.redhat.com/errata/RHSA-2015-0888.html

Source: secalert@redhat.com

Vendor Advisory

http://www.securitytracker.com/id/1032231

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2015-0888.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1032231

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.