CVE-2015-5293

MEDIUM

Red Hat Enterprise Virtualization Manager <3.6 - Info Disclosure

Title source: llm
STIX 2.1

Description

Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote attackers to communicate with a system designated to be unreachable.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
https://access.redhat.com/security/cve/CVE-2015-5293
Issue Tracking, VDB Entry, Vendor Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1267714

Scores

CVSS v3 5.9
EPSS 0.0188
EPSS Percentile 77.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-284
Status published
Products (1)
redhat/enterprise_virtualization_manager < 3.6.0
Published Aug 24, 2017
Tracked Since Feb 18, 2026