CVE-2011-4316

CWE-2644 documents4 sources
Severity
3.7LOW
EPSS
0.1%
top 80.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Enterprise Virtualization Manager
Timeline
PublishedJan 4
Latest updateMay 17

Description

Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, in certain unspecified conditions, does not lock the desktop screen between SPICE sessions, which allows local users with access to a virtual machine to gain access to other users' desktop sessions via unspecified vectors.

CVSS vector

AV:L/AC:H/C:P/I:P/A:PExploitability: 1.9 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-74pr-8f6c-8m9x: Red Hat Enterprise Virtualization Manager (RHEV-M) before 32022-05-17
CVEList
CVE-2011-4316: Red Hat Enterprise Virtualization Manager (RHEV-M) before 32013-01-04

💬Community

1
Bugzilla
CVE-2011-4316 SPICE screen locking race condition2011-11-18
CVE-2011-4316 (LOW CVSS 3.7) | Red Hat Enterprise Virtualization M | cvebase.io