CVE-2016-6338

2017-04-2017:00:00

redhat

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.4%

JSON

ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries.