CVE-2015-0237

medium

Description

Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain.

References

http://www.securitytracker.com/id/1032231

http://rhn.redhat.com/errata/RHSA-2015-0888.html

Details

Source: Mitre, NVD

Published: 2015-05-01

Updated: 2023-02-12

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H