CNNVD-202601-3349 Information
CNNVD ID
CNNVD-202601-3349
Related CVE
- CNNVD Published: 2026-01-21
Description (Chinese)
ManageIQ是ManageIQ开源的一个Web管理平台。 ManageIQ radjabov-2之前版本存在输入验证错误漏洞,该漏洞源于可创建格式错误的TimeProfile,可能导致后续UI和API请求超时,引发拒绝服务。
Description (English)
ManageIQ is a Web management platform for ManageIQ open source. A previous version of ManageIQ Radjabov-2 had an input authentication error that originated from the TimeProfile, which created an error in format, which could lead to subsequent UI and API requests being timed out and trigger a denial of service.
Hazard Level
High
Vulnerability Type
输入验证错误
Affected Vendor
ManageIQ
Published
2026-01-21
Last Modified
2026-02-24
References
https://github.com/ManageIQ/manageiq/security/advisories/GHSA-m832-x3g8-63j3 https://github.com/ManageIQ/manageiq/commit/79cef10c7d0278d8a37c3f547c426948180df4df.patch https://github.com/ManageIQ/manageiq/commit/86132851257d73ed9e31a88315e47a8a2b838113 https://access.redhat.com/security/cve/cve-2026-22598
Patch
https://www.manageiq.org/download/
Share on: