Back to bug 1369285
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Kurt Seifried | 2016-08-23 02:11:52 UTC | CC | security-response-team | |
| Kurt Seifried | 2016-08-23 02:14:18 UTC | Whiteboard | impact=low,public=no,reported=20160818,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine-webadmin-portal=affected,fedora-all/ovirt-engine=affected | impact=low,public=no,reported=20160818,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine-webadmin-portal=affected,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine-webadmin-portal=affected |
| Adam Mariš | 2016-08-23 13:47:33 UTC | Blocks | 1368366 | |
| Kurt Seifried | 2016-08-26 20:27:34 UTC | Whiteboard | impact=low,public=no,reported=20160818,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine-webadmin-portal=affected,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine-webadmin-portal=affected | impact=low,public=no,reported=20160818,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine=affected,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine=affected |
| Kurt Seifried | 2016-08-26 20:27:55 UTC | Depends On | 1370632 | |
| Kurt Seifried | 2016-08-26 20:31:36 UTC | Depends On | 1370633 | |
| Kurt Seifried | 2016-08-28 02:00:11 UTC | Whiteboard | impact=low,public=no,reported=20160818,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine=affected,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine=affected | impact=low,public=20160827,reported=20160818,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine=affected,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine=affected |
| Kurt Seifried | 2016-08-28 02:00:16 UTC | Summary | EMBARGOED CVE-2016-6338 ovirt-engine-webadmin log out must logout all sessions | CVE-2016-6338 ovirt-engine-webadmin log out must logout all sessions |
| Kurt Seifried | 2016-08-28 02:00:21 UTC | Group | security, qe_staff | |
| Kurt Seifried | 2016-08-28 02:07:12 UTC | Depends On | 1370890 | |
| Oved Ourfali | 2016-08-30 12:15:17 UTC | CC | gshereme | |
| Kurt Seifried | 2016-09-30 18:28:55 UTC | Whiteboard | impact=low,public=20160827,reported=20160818,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine=affected,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine=affected | impact=low,public=20160827,reported=20160818,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine=wontfix,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine=affected |
| Kurt Seifried | 2017-07-15 02:04:12 UTC | Depends On | 1471325 | |
| Scott Herold | 2017-09-12 15:41:32 UTC | CC | sherold | |
| Doran Moppert | 2017-11-27 01:23:31 UTC | Summary | CVE-2016-6338 ovirt-engine-webadmin log out must logout all sessions | CVE-2016-6338 ovirt-engine: webadmin log out must logout all sessions |
| Doran Moppert | 2017-11-27 01:44:56 UTC | Doc Text | It was discovered that the ovirt-engine webadmin session would not properly enforce timeouts. Browser sessions would remain logged in beyond the administratively configured session timeout period. | |
| Eric Christensen | 2017-11-27 13:23:58 UTC | Whiteboard | impact=low,public=20160827,reported=20160818,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine=wontfix,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine=affected | impact=low,public=20160827,reported=20160817,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine=wontfix,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine=affected |
| Eric Christensen | 2017-11-27 14:02:05 UTC | Whiteboard | impact=low,public=20160827,reported=20160817,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine=wontfix,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine=affected | impact=low,public=20160827,reported=20160816,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine=wontfix,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine=affected |
| Viliam Križan | 2018-02-12 10:32:00 UTC | Whiteboard | impact=low,public=20160827,reported=20160816,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine=wontfix,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine=affected | impact=low,public=20160827,reported=20160819,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine=wontfix,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine=affected |
| PnT Account Manager | 2018-07-18 14:59:48 UTC | CC | rbalakri | |
| PnT Account Manager | 2018-11-05 22:46:16 UTC | CC | ylavi | |
| Gil Klein | 2019-04-14 12:39:38 UTC | CC | gklein | |
| Product Security DevOps Team | 2019-06-08 02:57:43 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 02:57:43 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:55:15 UTC | Whiteboard | impact=low,public=20160827,reported=20160819,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=3.8/CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-20,rhev-m-3/ovirt-engine=wontfix,fedora-all/ovirt-engine=affected,rhev-m-4/ovirt-engine=affected |
Back to bug 1369285