Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, in certain unspecified conditions, does not lock the desktop screen between SPICE sessions, which allows local users with access to a virtual machine to gain access to other users' desktop sessions via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat Enterprise Virtualization Manager SPICE锁屏竞争条件漏洞
Vulnerability Description
Red Hat Enterprise Virtualization Manager(RHEV-M)是美国红帽(Red Hat)公司的RHEV(企业虚拟化平台)的核心组件。该组件包含KVM工具,提供虚拟化管理功能。 Red Hat Enterprise Virtualization Manager (RHEV-M)3.1之前版本中存在漏洞,该漏洞源于在一定未明的条件下,程序没有在SPICE会话期间锁定桌面。通过未明向量,具有访问虚拟机权限的本地攻击者可利用该漏洞获得访问到其他用户的桌面会话。
CVSS Information
N/A
Vulnerability Type
N/A