CVE Vulnerabilities

CVE-2011-4316

Published: Jan 04, 2013 | Modified: Jan 07, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
3.7 LOW
AV:L/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
3.6 MODERATE
AV:N/AC:H/Au:S/C:P/I:P/A:N
RedHat/V3
Ubuntu

Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, in certain unspecified conditions, does not lock the desktop screen between SPICE sessions, which allows local users with access to a virtual machine to gain access to other users desktop sessions via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Enterprise_virtualization_manager Redhat * 3.0 (including)
Enterprise_virtualization_manager Redhat 2.1 (including) 2.1 (including)
Enterprise_virtualization_manager Redhat 2.2 (including) 2.2 (including)
Enterprise_virtualization_manager Redhat 2.2.3 (including) 2.2.3 (including)
RHEV Manager version 3.0 RedHat org.ovirt.engine-root-0:3.1.0-32 *

References