You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
An authentication bypass vulnerability was found in overt-engine <= 4.5.5. This flaw allows the creation of users in the system without authentication due to a flaw in the CreateUserSession command.
Patches
The problem has been fixed with #914 and released with ovirt-engine-4.5.6
Impact
An authentication bypass vulnerability was found in overt-engine <= 4.5.5. This flaw allows the creation of users in the system without authentication due to a flaw in the CreateUserSession command.
Patches
The problem has been fixed with #914 and released with ovirt-engine-4.5.6
References
Thanks to Jirka Simon for reporting it: https://lists.ovirt.org/archives/list/[email protected]/thread/HG33VD56KZZQKCJDXIAB667J4HIHH2DQ/