Search
Find a vulnerability
Search criteria
2 vulnerabilities found for 3.1.0.5 by ovirt-engine-sdk
CVE-2012-3533 (GCVE-0-2012-3533)
Vulnerability from nvd – Published: 2012-08-31 20:00 – Updated: 2024-08-06 20:13
VLAI
Summary
The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/55208 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2012/08/24/6 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2012/08/26/1 | mailing-listx_refsource_MLIST |
| https://bugzilla.redhat.com/show_bug.cgi?id=851672 | x_refsource_MISC |
| http://secunia.com/advisories/50409 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://gerrit.ovirt.org/#/c/7209/ | x_refsource_CONFIRM |
| http://gerrit.ovirt.org/#/c/7249/ | x_refsource_CONFIRM |
Date Public
2012-08-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:13:49.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55208"
},
{
"name": "[oss-security] 20120824 oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/24/6"
},
{
"name": "[oss-security] 20120826 Re: oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/26/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851672"
},
{
"name": "50409",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50409"
},
{
"name": "ovirt-ssl-spoofing(77984)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77984"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gerrit.ovirt.org/#/c/7209/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gerrit.ovirt.org/#/c/7249/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-08-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55208"
},
{
"name": "[oss-security] 20120824 oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/24/6"
},
{
"name": "[oss-security] 20120826 Re: oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/26/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851672"
},
{
"name": "50409",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50409"
},
{
"name": "ovirt-ssl-spoofing(77984)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77984"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gerrit.ovirt.org/#/c/7209/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gerrit.ovirt.org/#/c/7249/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3533",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55208"
},
{
"name": "[oss-security] 20120824 oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/08/24/6"
},
{
"name": "[oss-security] 20120826 Re: oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/08/26/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=851672",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851672"
},
{
"name": "50409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50409"
},
{
"name": "ovirt-ssl-spoofing(77984)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77984"
},
{
"name": "http://gerrit.ovirt.org/#/c/7209/",
"refsource": "CONFIRM",
"url": "http://gerrit.ovirt.org/#/c/7209/"
},
{
"name": "http://gerrit.ovirt.org/#/c/7249/",
"refsource": "CONFIRM",
"url": "http://gerrit.ovirt.org/#/c/7249/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3533",
"datePublished": "2012-08-31T20:00:00.000Z",
"dateReserved": "2012-06-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T20:13:49.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3533 (GCVE-0-2012-3533)
Vulnerability from cvelistv5 – Published: 2012-08-31 20:00 – Updated: 2024-08-06 20:13
VLAI
Summary
The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/55208 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2012/08/24/6 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2012/08/26/1 | mailing-listx_refsource_MLIST |
| https://bugzilla.redhat.com/show_bug.cgi?id=851672 | x_refsource_MISC |
| http://secunia.com/advisories/50409 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://gerrit.ovirt.org/#/c/7209/ | x_refsource_CONFIRM |
| http://gerrit.ovirt.org/#/c/7249/ | x_refsource_CONFIRM |
Date Public
2012-08-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:13:49.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55208"
},
{
"name": "[oss-security] 20120824 oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/24/6"
},
{
"name": "[oss-security] 20120826 Re: oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/26/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851672"
},
{
"name": "50409",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50409"
},
{
"name": "ovirt-ssl-spoofing(77984)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77984"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gerrit.ovirt.org/#/c/7209/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gerrit.ovirt.org/#/c/7249/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-08-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55208"
},
{
"name": "[oss-security] 20120824 oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/24/6"
},
{
"name": "[oss-security] 20120826 Re: oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/26/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851672"
},
{
"name": "50409",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50409"
},
{
"name": "ovirt-ssl-spoofing(77984)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77984"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gerrit.ovirt.org/#/c/7209/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gerrit.ovirt.org/#/c/7249/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3533",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55208"
},
{
"name": "[oss-security] 20120824 oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/08/24/6"
},
{
"name": "[oss-security] 20120826 Re: oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/08/26/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=851672",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851672"
},
{
"name": "50409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50409"
},
{
"name": "ovirt-ssl-spoofing(77984)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77984"
},
{
"name": "http://gerrit.ovirt.org/#/c/7209/",
"refsource": "CONFIRM",
"url": "http://gerrit.ovirt.org/#/c/7209/"
},
{
"name": "http://gerrit.ovirt.org/#/c/7249/",
"refsource": "CONFIRM",
"url": "http://gerrit.ovirt.org/#/c/7249/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3533",
"datePublished": "2012-08-31T20:00:00.000Z",
"dateReserved": "2012-06-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T20:13:49.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}