CVE-2019-10159 – cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, …

Vuln ID: CVE-2019-10159

Published:  2019-06-14  14:29:00Z

Description: cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to an improper authorization in the migration log controller. An attacker with access to an unprivileged user can access all VM migration logs available.

Source: NVD.NIST.GOV

 

Tags