{"id":"RHSA-2020:1308","summary":"Red Hat Security Advisory: Red Hat Virtualization Engine security, bug fix 4.3.9","modified":"2026-05-15T10:51:23.868428Z","published":"2024-09-20T13:55:34Z","upstream":["CVE-2019-10086","CVE-2019-17195"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:1308"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#low"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1752522"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764791"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1767483"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1789737"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1792874"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1797496"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1801310"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1808038"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1808607"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1809470"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1810527"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1308.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-10086"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-10086"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10086"},{"type":"ARTICLE","url":"https://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-17195"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-17195"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17195"}],"affected":[{"package":{"name":"apache-commons-beanutils","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/apache-commons-beanutils"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.8.3-15.el7_7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"apache-commons-beanutils-javadoc","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/apache-commons-beanutils-javadoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.8.3-15.el7_7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-backend","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-backend"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-dbscripts","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-dbscripts"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-extensions-api-impl","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-extensions-api-impl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-extensions-api-impl-javadoc","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-extensions-api-impl-javadoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-health-check-bundler","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-health-check-bundler"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-restapi","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-restapi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-setup","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-setup-base","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup-base"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-setup-plugin-cinderlib","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-setup-plugin-ovirt-engine","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-setup-plugin-ovirt-engine-common","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-setup-plugin-vmconsole-proxy-helper","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-setup-plugin-websocket-proxy","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-tools","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-tools-backup","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-tools-backup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-vmconsole-proxy-helper","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-webadmin-portal","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-webadmin-portal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-websocket-proxy","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-websocket-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"python2-ovirt-engine-lib","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/python2-ovirt-engine-lib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"rhvm","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/rhvm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.9.3-0.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"rhvm-dependencies","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/rhvm-dependencies"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.2-1.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-engine-extension-aaa-misc","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-extension-aaa-misc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.4-1.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}},{"package":{"name":"ovirt-fast-forward-upgrade","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-fast-forward-upgrade"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-17.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1308.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}]}