RHV manager packages are installed on Host resulting in Vulnerabilities

Solution Verified - Updated -

Issue

  • The following vulnerabilities are reported for RHVH:
CVE                                                         Vulnerability name
------------------------------------------------------------------------------------------------------------------
CVE-2019-10744,CVE-2019-11358,CVE-2019-8331                  RHEL 7 : Virtualization Manager (RHSA-2019:3024)
CVE-2018-1002105,CVE-2018-14632                              RHEL 7 : OpenShift Container Platform 3.9 (RHSA-2018:2908)
CVE-2018-1114,CVE-2018-7489                                  RHEL 7 : JBoss EAP (RHSA-2018:2089)
CVE-2018-1072,CVE-2018-1075                                  RHEL 7 : Virtualization Manager (RHSA-2018:2071)
CVE-2016-5003                                                RHEL 7 : xmlrpc (RHSA-2018:1780)
CVE-2018-1047,CVE-2018-1067,CVE-2018-8088                    RHEL 7 : JBoss EAP (RHSA-2018:1247)
CVE-2019-10086                                               RHEL 7 : apache-commons-beanutils (RHSA-2020:0194)
CVE-2018-10934,CVE-2018-14642,CVE-2018-1000632               RHEL 7 : JBoss EAP (RHSA-2019:0365)
CVE-2018-10862,CVE-2018-8039                                 RHEL 6 / 7 : JBoss EAP (RHSA-2018:2276)
CVE-2019-19336                                               RHEL 7 : Red Hat Virtualization Engine (RHSA-2020:0498)
CVE-2019-10194                                               RHEL 7 : Virtualization Manager (RHSA-2019:2499)
CVE-2017-2582                                                RHEL 7 : JBoss EAP (RHSA-2019:0137)
CVE-2018-14627                                               RHEL 7 : JBoss EAP (RHSA-2018:3528)
CVE-2018-3639                                                RHEL 7 : Virtualization Manager (RHSA-2018:1676) (Spectre) 
CVE-2021-4104                                                Apache Log4j 1.2 JMSAppender Remote Code Execution (CVE-2021-4104)
CVE-2019-17571,CVE-2020-9488,CVE-2022-23302,CVE-2022-23305,  Apache Log4j 1.x Multiple Vulnerabilities
CVE-2022-23307
CVE-2017-12624,CVE-2018-1000180,CVE-2018-10237,              RHEL 7 : JBoss EAP (RHSA-2018:2424)
CVE-2018-10862,CVE-2018-8039
CVE-2019-10086,CVE-2019-17195                                RHEL 7 : Red Hat Virtualization Engine security, bug fix 4.3.9 (Low) (RHSA-2020:1308)

Environment

  • Red Hat Virtualization 4.x
