CVE-2016-3077

MEDIUM

Redhat Ovirt-engine - Memory Corruption

Title source: rule

Description

The VersionMapper.fromKernelVersionString method in oVirt Engine allows remote authenticated users to cause a denial of service (process crash) for all VMs.

References (1)

[Issue Tracking, Third Party Advisory] https://bugzilla.redhat.com/show_bug.cgi?id=1321972

Scores

CVSS v3 6.5

EPSS 0.0039

EPSS Percentile 59.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-119

Status published

Products (2)

redhat/ovirt-engine

n/a/n/a

Published Jun 06, 2017

Tracked Since Feb 18, 2026