cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to an improper authorization in the migration log controller. An attacker with access to an unprivileged user can access all VM migration logs available.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2019-06-14T13:53:19
Updated: 2024-08-04T22:10:09.973Z
Reserved: 2019-03-27T00:00:00
Link: CVE-2019-10159
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-06-14T14:29:00.407
Modified: 2024-11-21T04:18:32.573
Link: CVE-2019-10159
Redhat