CVE-2015-5201 Information
Feb 14, 2021
cve
Description
VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored allows remote attackers to log in without authentication via unspecified vectors.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Reference
https://access.redhat.com/security/cve/cve-2015-5201 https://bugzilla.redhat.com/show_bug.cgi?id=1253882 https://bugzilla.redhat.com/show_bug.cgi?id=1273144 https://rhn.redhat.com/errata/RHEA-2015-2527.html
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
HIGH
Base Score
NONE
Base Severity
7.5
Share on: