CVE-2012-3533 Information

Description

The Python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 do not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack.

Reference

http://gerrit.ovirt.org//c/7209/
http://gerrit.ovirt.org//c/7249/
http://secunia.com/advisories/50409
http://www.openwall.com/lists/oss-security/2012/08/24/6
http://www.openwall.com/lists/oss-security/2012/08/26/1
http://www.securityfocus.com/bid/55208
https://bugzilla.redhat.com/show_bug.cgi?id=851672
https://exchange.xforce.ibmcloud.com/vulnerabilities/77984
