CVE-2024-7259

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-7259

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-7259.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-7259

Published

2024-09-26T16:15:08.997Z

Modified

2026-04-10T05:20:21.545536Z

Severity

4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext.

References

Affected packages

Git / github.com/ovirt/ovirt-engine

Affected ranges

Type

GIT

Repo

https://github.com/ovirt/ovirt-engine

Events

Introduced

Fixed

85cc83ecd2c9665db092681e6a56cabb83d48f61

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.5.7"
        }
    ]
}

Affected versions

Other

list

ovirt-engine-3.*

ovirt-engine-3.3-beta1

ovirt-engine-3.3_beta1

ovirt-engine-3.5.0_alpha1

ovirt-engine-3.5.0_alpha1.1

ovirt-engine-3.5.0_alpha2

ovirt-engine-3.5.0_beta1

ovirt-engine-3.6.0_alpha1

ovirt-engine-3.6.0_alpha1.1

ovirt-engine-3.6.0_alpha1.2

ovirt-engine-3.6.0_alpha2

ovirt-engine-3.6.0_alpha3

ovirt-engine-3.6.0_beta1

ovirt-engine-3.6.0_beta1.1

ovirt-engine-3.6.0_qa1

ovirt-engine-3.6.0_qa2

ovirt-engine-3.6.0_qa3

ovirt-engine-3.6.0_qa4

ovirt-engine-4.*

ovirt-engine-4.0.0_alpha1

ovirt-engine-4.0.0_beta1

ovirt-engine-4.1.0_beta1

ovirt-engine-4.2.0

ovirt-engine-4.2.0.1

ovirt-engine-4.2.0.2

ovirt-engine-4.2.0_beta1

ovirt-engine-4.2.0_beta2

ovirt-engine-4.2.0_test1

ovirt-engine-4.2.1

ovirt-engine-4.2.1.1

ovirt-engine-4.2.1.2

ovirt-engine-4.2.1.3

ovirt-engine-4.2.1.4

ovirt-engine-4.3.0

ovirt-engine-4.3.0.1

ovirt-engine-4.3.0.2

ovirt-engine-4.3.0.3

ovirt-engine-4.3.0.4

ovirt-engine-4.3.0_alpha

ovirt-engine-4.3.0_alpha2

ovirt-engine-4.3.0_rc

ovirt-engine-4.3.0_rc2

ovirt-engine-4.3.1

ovirt-engine-4.3.1.1

ovirt-engine-4.3.2

ovirt-engine-4.3.2.1

ovirt-engine-4.4.0

ovirt-engine-4.4.0.1

ovirt-engine-4.4.0.2

ovirt-engine-4.4.0.3

ovirt-engine-4.4.0_beta1

ovirt-engine-4.4.0_beta2

ovirt-engine-4.4.0_beta3

ovirt-engine-4.4.0_beta4

ovirt-engine-4.4.1

ovirt-engine-4.4.1.1

ovirt-engine-4.4.1.2

ovirt-engine-4.4.1.3

ovirt-engine-4.4.1.4

ovirt-engine-4.4.1.5

ovirt-engine-4.4.1.6

ovirt-engine-4.4.1.7

ovirt-engine-4.4.1.8

ovirt-engine-4.4.2

ovirt-engine-4.4.2.1

ovirt-engine-4.4.2.2

ovirt-engine-4.4.3

ovirt-engine-4.4.3.1

ovirt-engine-4.4.3.2

ovirt-engine-4.4.3.3

ovirt-engine-4.4.3.4

ovirt-engine-4.4.3.5

ovirt-engine-4.4.3.6

ovirt-engine-4.4.3.7

ovirt-engine-4.4.3.8

ovirt-engine-4.4.4

ovirt-engine-4.4.4.1

ovirt-engine-4.4.4.2

ovirt-engine-4.4.4.3

ovirt-engine-4.4.4.4

ovirt-engine-4.4.4.5

ovirt-engine-4.4.5

ovirt-engine-4.4.5.1

ovirt-engine-4.4.5.2

ovirt-engine-4.4.5.3

ovirt-engine-4.4.5.4

ovirt-engine-4.4.5.5

ovirt-engine-4.4.5.6

ovirt-engine-4.4.5.7

ovirt-engine-4.4.5.8

ovirt-engine-4.4.6

ovirt-engine-4.4.6.1

ovirt-engine-4.4.6.2

ovirt-engine-4.4.6.3

ovirt-engine-4.4.6.4

ovirt-engine-4.4.6.5

ovirt-engine-4.4.6.6

ovirt-engine-4.4.7

ovirt-engine-4.4.7.1

ovirt-engine-4.4.7.2

ovirt-engine-4.4.7.3

ovirt-engine-4.4.7.4

ovirt-engine-4.4.7.5

ovirt-engine-4.4.7.6

ovirt-engine-4.4.8

ovirt-engine-4.4.8.1

ovirt-engine-4.4.8.2

ovirt-engine-4.4.8.3

ovirt-engine-4.4.8.4

ovirt-engine-4.5.0

ovirt-engine-4.5.0.1

ovirt-engine-4.5.0.2

ovirt-engine-4.5.0_alpha1

ovirt-engine-4.5.1

ovirt-engine-4.5.1.1

ovirt-engine-4.5.1.2

ovirt-engine-4.5.2

ovirt-engine-4.5.2.1

ovirt-engine-4.5.2.2

ovirt-engine-4.5.3.1

ovirt-engine-4.5.4

ovirt-engine-4.5.5

ovirt-engine-4.5.6

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-7259.json"