Lucene search
RedhatCVE-2015-0257HistoryMay 01, 2015 - 3:59 p.m.
CVE-2015-0257
2015-05-0115:59:03
CWE-264
redhat
web.nvd.nist.gov
31
cve-2015-0257
red hat
rhev manager
vulnerability
weak permissions
information disclosure
nvd
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0
Percentile
5.1%
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.
Affected configurations
Node
redhatenterprise_virtualization_managerRange≤3.5.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_virtualization_manager | * | cpe:2.3:a:redhat:enterprise_virtualization_manager:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-0257
2015-05-01 15:00:00
prion
prion
Directory traversal
2015-05-01 15:59:00
nvd
nvd
CVE-2015-0257
2015-05-01 15:59:03
nessus
nessus
RHEL 6 : Virtualization Manager (RHSA-2015:0888)
2015-04-30 00:00:00
redhat
redhat
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2015-0257