CVE-2018-10917
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2018-10917 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
Red Hat Enterprise Virtualization Hypervisor includes only selected components of pulp, which are not affected by this flaw.
CVSS v3 metrics
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
| CVSS3 Base Score | 6.8 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H |
| Attack Vector | Network |
| Attack Complexity | High |
| Privileges Required | None |
| User Interaction | Required |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity Impact | High |
| Availability Impact | High |
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat Virtualization 4 | pulp | Not affected |
| Red Hat Satellite 6 | pulp | Affected |
Acknowledgements
Red Hat would like to thank Simon Baatz (Telekom Deutschland GmbH) for reporting this issue.CVE description copyright © 2017, The MITRE Corporation
