CVE-2024-7259

A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext.

Published: Sep 26, 2024
Updated: Jul 31, 2025
CVE: CVE-2024-7259
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ovirt / ovirt-engine	-	4.5.7

https://access.redhat.com/security/cve/CVE-2024-7259
https://bugzilla.redhat.com/show_bug.cgi?id=2314229

Vulnerability Database

CVE-2024-7259