ovirt-engine Vulnerability: Man-in-the-Middle Attack via vdsm X.509 Certificate Spoofing

CVE-2014-3706 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

ovirt-engine, as used in Red Hat MRG 3, allows man-in-the-middle attackers to spoof servers by leveraging failure to verify key attributes in vdsm X.509 certificates.

Learn more about our Cis Benchmark Audit For Server Software.