CVE-2012-2696

Description

The backend in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1 does not properly check privileges, which allows remote authenticated users to query arbitrary information via a (1) SOAP or (2) GWT request.

CVSS Version 2.0

nvd
CVE ID: CVE-2012-2696
Base Score: 2.7
Base Severity: LOW
Vector String:AV:A/AC:L/Au:S/C:P/I:N/A:N

Refrence: NVD

Description​

Description