{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright © Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Enterprise Virtualization Manager 3.2 is now available.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Enterprise Virtualization Manager is a visual tool for centrally\nmanaging collections of virtual servers running Red Hat Enterprise Linux\nand Microsoft Windows. This package also includes the Red Hat Enterprise\nVirtualization Manager API, a set of scriptable commands that give\nadministrators the ability to perform queries and operations on Red Hat\nEnterprise Virtualization Manager.\n\nIt was found that permission checks were not performed on the target\nstorage domain when cloning a virtual machine from a snapshot. An attacker\ncould use this flaw to perform a denial of service attack, exhausting free\ndisk space on the target storage domain. (CVE-2013-2144)\n\nThe CVE-2013-2144 issue was discovered by Daniel Erez of Red Hat.\n\nThis update also fixes various bugs. Refer to the Technical Notes for\ninformation about these changes:\n\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.2/html/Technical_Notes/chap-RHSA-2013-0888.html\n\nAll Red Hat Enterprise Virtualization Manager users are advised to upgrade\nto these updated packages, which resolve these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2013:0888",
        "url": "https://access.redhat.com/errata/RHSA-2013:0888"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.2/html/Technical_Notes/chap-RHSA-2013-0888.html",
        "url": "https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.2/html/Technical_Notes/chap-RHSA-2013-0888.html"
      },
      {
        "category": "external",
        "summary": "723206",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=723206"
      },
      {
        "category": "external",
        "summary": "754334",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=754334"
      },
      {
        "category": "external",
        "summary": "829625",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829625"
      },
      {
        "category": "external",
        "summary": "837907",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=837907"
      },
      {
        "category": "external",
        "summary": "838457",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=838457"
      },
      {
        "category": "external",
        "summary": "838469",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=838469"
      },
      {
        "category": "external",
        "summary": "838470",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=838470"
      },
      {
        "category": "external",
        "summary": "839205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=839205"
      },
      {
        "category": "external",
        "summary": "843058",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=843058"
      },
      {
        "category": "external",
        "summary": "843410",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=843410"
      },
      {
        "category": "external",
        "summary": "845022",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=845022"
      },
      {
        "category": "external",
        "summary": "848398",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848398"
      },
      {
        "category": "external",
        "summary": "854489",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=854489"
      },
      {
        "category": "external",
        "summary": "854535",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=854535"
      },
      {
        "category": "external",
        "summary": "854540",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=854540"
      },
      {
        "category": "external",
        "summary": "854964",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=854964"
      },
      {
        "category": "external",
        "summary": "855630",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=855630"
      },
      {
        "category": "external",
        "summary": "858742",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=858742"
      },
      {
        "category": "external",
        "summary": "859762",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=859762"
      },
      {
        "category": "external",
        "summary": "861098",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=861098"
      },
      {
        "category": "external",
        "summary": "861576",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=861576"
      },
      {
        "category": "external",
        "summary": "862797",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=862797"
      },
      {
        "category": "external",
        "summary": "866123",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=866123"
      },
      {
        "category": "external",
        "summary": "866889",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=866889"
      },
      {
        "category": "external",
        "summary": "867543",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867543"
      },
      {
        "category": "external",
        "summary": "868626",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=868626"
      },
      {
        "category": "external",
        "summary": "870159",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=870159"
      },
      {
        "category": "external",
        "summary": "870352",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=870352"
      },
      {
        "category": "external",
        "summary": "871371",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=871371"
      },
      {
        "category": "external",
        "summary": "871802",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=871802"
      },
      {
        "category": "external",
        "summary": "872506",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=872506"
      },
      {
        "category": "external",
        "summary": "873581",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873581"
      },
      {
        "category": "external",
        "summary": "874019",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=874019"
      },
      {
        "category": "external",
        "summary": "874080",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=874080"
      },
      {
        "category": "external",
        "summary": "875527",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=875527"
      },
      {
        "category": "external",
        "summary": "875528",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=875528"
      },
      {
        "category": "external",
        "summary": "875814",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=875814"
      },
      {
        "category": "external",
        "summary": "876109",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=876109"
      },
      {
        "category": "external",
        "summary": "876235",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=876235"
      },
      {
        "category": "external",
        "summary": "877818",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=877818"
      },
      {
        "category": "external",
        "summary": "878064",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=878064"
      },
      {
        "category": "external",
        "summary": "878509",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=878509"
      },
      {
        "category": "external",
        "summary": "878778",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=878778"
      },
      {
        "category": "external",
        "summary": "879291",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=879291"
      },
      {
        "category": "external",
        "summary": "879308",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=879308"
      },
      {
        "category": "external",
        "summary": "879930",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=879930"
      },
      {
        "category": "external",
        "summary": "880969",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=880969"
      },
      {
        "category": "external",
        "summary": "881024",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=881024"
      },
      {
        "category": "external",
        "summary": "882651",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=882651"
      },
      {
        "category": "external",
        "summary": "882807",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=882807"
      },
      {
        "category": "external",
        "summary": "882812",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=882812"
      },
      {
        "category": "external",
        "summary": "882813",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=882813"
      },
      {
        "category": "external",
        "summary": "882824",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=882824"
      },
      {
        "category": "external",
        "summary": "882837",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=882837"
      },
      {
        "category": "external",
        "summary": "882847",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=882847"
      },
      {
        "category": "external",
        "summary": "883871",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883871"
      },
      {
        "category": "external",
        "summary": "885391",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=885391"
      },
      {
        "category": "external",
        "summary": "886133",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=886133"
      },
      {
        "category": "external",
        "summary": "886709",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=886709"
      },
      {
        "category": "external",
        "summary": "886824",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=886824"
      },
      {
        "category": "external",
        "summary": "887230",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=887230"
      },
      {
        "category": "external",
        "summary": "887741",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=887741"
      },
      {
        "category": "external",
        "summary": "888689",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=888689"
      },
      {
        "category": "external",
        "summary": "889795",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=889795"
      },
      {
        "category": "external",
        "summary": "889985",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=889985"
      },
      {
        "category": "external",
        "summary": "891279",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=891279"
      },
      {
        "category": "external",
        "summary": "891280",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=891280"
      },
      {
        "category": "external",
        "summary": "892532",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=892532"
      },
      {
        "category": "external",
        "summary": "892724",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=892724"
      },
      {
        "category": "external",
        "summary": "894020",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894020"
      },
      {
        "category": "external",
        "summary": "894288",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894288"
      },
      {
        "category": "external",
        "summary": "894345",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894345"
      },
      {
        "category": "external",
        "summary": "894396",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894396"
      },
      {
        "category": "external",
        "summary": "894681",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894681"
      },
      {
        "category": "external",
        "summary": "895049",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=895049"
      },
      {
        "category": "external",
        "summary": "895103",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=895103"
      },
      {
        "category": "external",
        "summary": "903287",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=903287"
      },
      {
        "category": "external",
        "summary": "905446",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=905446"
      },
      {
        "category": "external",
        "summary": "905564",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=905564"
      },
      {
        "category": "external",
        "summary": "907232",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907232"
      },
      {
        "category": "external",
        "summary": "907240",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907240"
      },
      {
        "category": "external",
        "summary": "908745",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908745"
      },
      {
        "category": "external",
        "summary": "912449",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=912449"
      },
      {
        "category": "external",
        "summary": "912697",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=912697"
      },
      {
        "category": "external",
        "summary": "915036",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=915036"
      },
      {
        "category": "external",
        "summary": "915675",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=915675"
      },
      {
        "category": "external",
        "summary": "915950",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=915950"
      },
      {
        "category": "external",
        "summary": "916582",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=916582"
      },
      {
        "category": "external",
        "summary": "916728",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=916728"
      },
      {
        "category": "external",
        "summary": "917522",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=917522"
      },
      {
        "category": "external",
        "summary": "917698",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=917698"
      },
      {
        "category": "external",
        "summary": "917719",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=917719"
      },
      {
        "category": "external",
        "summary": "919672",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=919672"
      },
      {
        "category": "external",
        "summary": "921201",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=921201"
      },
      {
        "category": "external",
        "summary": "923443",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=923443"
      },
      {
        "category": "external",
        "summary": "923614",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=923614"
      },
      {
        "category": "external",
        "summary": "923992",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=923992"
      },
      {
        "category": "external",
        "summary": "924605",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=924605"
      },
      {
        "category": "external",
        "summary": "948282",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=948282"
      },
      {
        "category": "external",
        "summary": "950073",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=950073"
      },
      {
        "category": "external",
        "summary": "953690",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953690"
      },
      {
        "category": "external",
        "summary": "956378",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=956378"
      },
      {
        "category": "external",
        "summary": "957051",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=957051"
      },
      {
        "category": "external",
        "summary": "957611",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=957611"
      },
      {
        "category": "external",
        "summary": "971058",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=971058"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0888.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Enterprise Virtualization Manager 3.2 update",
    "tracking": {
      "current_release_date": "2026-06-28T12:22:31+00:00",
      "generator": {
        "date": "2026-06-28T12:22:31+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.2.6"
        }
      },
      "id": "RHSA-2013:0888",
      "initial_release_date": "2013-06-10T20:52:00+00:00",
      "revision_history": [
        {
          "date": "2013-06-10T20:52:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2013-06-10T20:55:41+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-28T12:22:31+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHEV-M 3.2",
                "product": {
                  "name": "RHEV-M 3.2",
                  "product_id": "6Server-RHEV-S-3.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhev_manager:3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Virtualization"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhevm-restapi-0:3.2.0-11.30.el6ev.noarch",
                "product": {
                  "name": "rhevm-restapi-0:3.2.0-11.30.el6ev.noarch",
                  "product_id": "rhevm-restapi-0:3.2.0-11.30.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-restapi@3.2.0-11.30.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-genericapi-0:3.2.0-11.30.el6ev.noarch",
                "product": {
                  "name": "rhevm-genericapi-0:3.2.0-11.30.el6ev.noarch",
                  "product_id": "rhevm-genericapi-0:3.2.0-11.30.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-genericapi@3.2.0-11.30.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-dbscripts-0:3.2.0-11.30.el6ev.noarch",
                "product": {
                  "name": "rhevm-dbscripts-0:3.2.0-11.30.el6ev.noarch",
                  "product_id": "rhevm-dbscripts-0:3.2.0-11.30.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-dbscripts@3.2.0-11.30.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-webadmin-portal-0:3.2.0-11.30.el6ev.noarch",
                "product": {
                  "name": "rhevm-webadmin-portal-0:3.2.0-11.30.el6ev.noarch",
                  "product_id": "rhevm-webadmin-portal-0:3.2.0-11.30.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-webadmin-portal@3.2.0-11.30.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-0:3.2.0-11.30.el6ev.noarch",
                "product": {
                  "name": "rhevm-0:3.2.0-11.30.el6ev.noarch",
                  "product_id": "rhevm-0:3.2.0-11.30.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm@3.2.0-11.30.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-userportal-0:3.2.0-11.30.el6ev.noarch",
                "product": {
                  "name": "rhevm-userportal-0:3.2.0-11.30.el6ev.noarch",
                  "product_id": "rhevm-userportal-0:3.2.0-11.30.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-userportal@3.2.0-11.30.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-config-0:3.2.0-11.30.el6ev.noarch",
                "product": {
                  "name": "rhevm-config-0:3.2.0-11.30.el6ev.noarch",
                  "product_id": "rhevm-config-0:3.2.0-11.30.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-config@3.2.0-11.30.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-setup-plugin-allinone-0:3.2.0-11.30.el6ev.noarch",
                "product": {
                  "name": "rhevm-setup-plugin-allinone-0:3.2.0-11.30.el6ev.noarch",
                  "product_id": "rhevm-setup-plugin-allinone-0:3.2.0-11.30.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-setup-plugin-allinone@3.2.0-11.30.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-tools-common-0:3.2.0-11.30.el6ev.noarch",
                "product": {
                  "name": "rhevm-tools-common-0:3.2.0-11.30.el6ev.noarch",
                  "product_id": "rhevm-tools-common-0:3.2.0-11.30.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-tools-common@3.2.0-11.30.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-setup-0:3.2.0-11.30.el6ev.noarch",
                "product": {
                  "name": "rhevm-setup-0:3.2.0-11.30.el6ev.noarch",
                  "product_id": "rhevm-setup-0:3.2.0-11.30.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-setup@3.2.0-11.30.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-backend-0:3.2.0-11.30.el6ev.noarch",
                "product": {
                  "name": "rhevm-backend-0:3.2.0-11.30.el6ev.noarch",
                  "product_id": "rhevm-backend-0:3.2.0-11.30.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-backend@3.2.0-11.30.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-notification-service-0:3.2.0-11.30.el6ev.noarch",
                "product": {
                  "name": "rhevm-notification-service-0:3.2.0-11.30.el6ev.noarch",
                  "product_id": "rhevm-notification-service-0:3.2.0-11.30.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-notification-service@3.2.0-11.30.el6ev?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhevm-0:3.2.0-11.30.el6ev.src",
                "product": {
                  "name": "rhevm-0:3.2.0-11.30.el6ev.src",
                  "product_id": "rhevm-0:3.2.0-11.30.el6ev.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm@3.2.0-11.30.el6ev?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-0:3.2.0-11.30.el6ev.noarch as a component of RHEV-M 3.2",
          "product_id": "6Server-RHEV-S-3.2:rhevm-0:3.2.0-11.30.el6ev.noarch"
        },
        "product_reference": "rhevm-0:3.2.0-11.30.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-0:3.2.0-11.30.el6ev.src as a component of RHEV-M 3.2",
          "product_id": "6Server-RHEV-S-3.2:rhevm-0:3.2.0-11.30.el6ev.src"
        },
        "product_reference": "rhevm-0:3.2.0-11.30.el6ev.src",
        "relates_to_product_reference": "6Server-RHEV-S-3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-backend-0:3.2.0-11.30.el6ev.noarch as a component of RHEV-M 3.2",
          "product_id": "6Server-RHEV-S-3.2:rhevm-backend-0:3.2.0-11.30.el6ev.noarch"
        },
        "product_reference": "rhevm-backend-0:3.2.0-11.30.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-config-0:3.2.0-11.30.el6ev.noarch as a component of RHEV-M 3.2",
          "product_id": "6Server-RHEV-S-3.2:rhevm-config-0:3.2.0-11.30.el6ev.noarch"
        },
        "product_reference": "rhevm-config-0:3.2.0-11.30.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-dbscripts-0:3.2.0-11.30.el6ev.noarch as a component of RHEV-M 3.2",
          "product_id": "6Server-RHEV-S-3.2:rhevm-dbscripts-0:3.2.0-11.30.el6ev.noarch"
        },
        "product_reference": "rhevm-dbscripts-0:3.2.0-11.30.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-genericapi-0:3.2.0-11.30.el6ev.noarch as a component of RHEV-M 3.2",
          "product_id": "6Server-RHEV-S-3.2:rhevm-genericapi-0:3.2.0-11.30.el6ev.noarch"
        },
        "product_reference": "rhevm-genericapi-0:3.2.0-11.30.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-notification-service-0:3.2.0-11.30.el6ev.noarch as a component of RHEV-M 3.2",
          "product_id": "6Server-RHEV-S-3.2:rhevm-notification-service-0:3.2.0-11.30.el6ev.noarch"
        },
        "product_reference": "rhevm-notification-service-0:3.2.0-11.30.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-restapi-0:3.2.0-11.30.el6ev.noarch as a component of RHEV-M 3.2",
          "product_id": "6Server-RHEV-S-3.2:rhevm-restapi-0:3.2.0-11.30.el6ev.noarch"
        },
        "product_reference": "rhevm-restapi-0:3.2.0-11.30.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-setup-0:3.2.0-11.30.el6ev.noarch as a component of RHEV-M 3.2",
          "product_id": "6Server-RHEV-S-3.2:rhevm-setup-0:3.2.0-11.30.el6ev.noarch"
        },
        "product_reference": "rhevm-setup-0:3.2.0-11.30.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-setup-plugin-allinone-0:3.2.0-11.30.el6ev.noarch as a component of RHEV-M 3.2",
          "product_id": "6Server-RHEV-S-3.2:rhevm-setup-plugin-allinone-0:3.2.0-11.30.el6ev.noarch"
        },
        "product_reference": "rhevm-setup-plugin-allinone-0:3.2.0-11.30.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-tools-common-0:3.2.0-11.30.el6ev.noarch as a component of RHEV-M 3.2",
          "product_id": "6Server-RHEV-S-3.2:rhevm-tools-common-0:3.2.0-11.30.el6ev.noarch"
        },
        "product_reference": "rhevm-tools-common-0:3.2.0-11.30.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-userportal-0:3.2.0-11.30.el6ev.noarch as a component of RHEV-M 3.2",
          "product_id": "6Server-RHEV-S-3.2:rhevm-userportal-0:3.2.0-11.30.el6ev.noarch"
        },
        "product_reference": "rhevm-userportal-0:3.2.0-11.30.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-webadmin-portal-0:3.2.0-11.30.el6ev.noarch as a component of RHEV-M 3.2",
          "product_id": "6Server-RHEV-S-3.2:rhevm-webadmin-portal-0:3.2.0-11.30.el6ev.noarch"
        },
        "product_reference": "rhevm-webadmin-portal-0:3.2.0-11.30.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Daniel Erez"
          ],
          "organization": "Red Hat Enterprise Virtualization Team",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2013-2144",
      "discovery_date": "2013-05-05T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "971058"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not properly check permissions for the target storage domain, which allows attackers to cause a denial of service (disk space consumption) by cloning a VM from a snapshot.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "rhevm: insufficient target domain permission check when cloning a VM from a snapshot",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHEV-S-3.2:rhevm-0:3.2.0-11.30.el6ev.noarch",
          "6Server-RHEV-S-3.2:rhevm-0:3.2.0-11.30.el6ev.src",
          "6Server-RHEV-S-3.2:rhevm-backend-0:3.2.0-11.30.el6ev.noarch",
          "6Server-RHEV-S-3.2:rhevm-config-0:3.2.0-11.30.el6ev.noarch",
          "6Server-RHEV-S-3.2:rhevm-dbscripts-0:3.2.0-11.30.el6ev.noarch",
          "6Server-RHEV-S-3.2:rhevm-genericapi-0:3.2.0-11.30.el6ev.noarch",
          "6Server-RHEV-S-3.2:rhevm-notification-service-0:3.2.0-11.30.el6ev.noarch",
          "6Server-RHEV-S-3.2:rhevm-restapi-0:3.2.0-11.30.el6ev.noarch",
          "6Server-RHEV-S-3.2:rhevm-setup-0:3.2.0-11.30.el6ev.noarch",
          "6Server-RHEV-S-3.2:rhevm-setup-plugin-allinone-0:3.2.0-11.30.el6ev.noarch",
          "6Server-RHEV-S-3.2:rhevm-tools-common-0:3.2.0-11.30.el6ev.noarch",
          "6Server-RHEV-S-3.2:rhevm-userportal-0:3.2.0-11.30.el6ev.noarch",
          "6Server-RHEV-S-3.2:rhevm-webadmin-portal-0:3.2.0-11.30.el6ev.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-2144"
        },
        {
          "category": "external",
          "summary": "RHBZ#971058",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=971058"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2144",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-2144"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2144",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2144"
        }
      ],
      "release_date": "2013-06-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-06-10T20:52:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "6Server-RHEV-S-3.2:rhevm-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-0:3.2.0-11.30.el6ev.src",
            "6Server-RHEV-S-3.2:rhevm-backend-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-config-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-dbscripts-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-genericapi-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-notification-service-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-restapi-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-setup-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-setup-plugin-allinone-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-tools-common-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-userportal-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-webadmin-portal-0:3.2.0-11.30.el6ev.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:0888"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.9,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-RHEV-S-3.2:rhevm-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-0:3.2.0-11.30.el6ev.src",
            "6Server-RHEV-S-3.2:rhevm-backend-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-config-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-dbscripts-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-genericapi-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-notification-service-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-restapi-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-setup-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-setup-plugin-allinone-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-tools-common-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-userportal-0:3.2.0-11.30.el6ev.noarch",
            "6Server-RHEV-S-3.2:rhevm-webadmin-portal-0:3.2.0-11.30.el6ev.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "rhevm: insufficient target domain permission check when cloning a VM from a snapshot"
    }
  ]
}