CVE-2015-7544

critical

Description

redhat-support-plugin-rhev in Red Hat Enterprise Virtualization Manager (aka RHEV Manager) before 3.6 allows remote authenticated users with the SuperUser role on any Entity to execute arbitrary commands on any host in the RHEV environment.

References

https://rhn.redhat.com/errata/RHSA-2016-0426.html

https://bugzilla.redhat.com/show_bug.cgi?id=1269588

Details

Source: Mitre, NVD

Published: 2017-09-25

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Severity: Critical