{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright © Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Enterprise Virtualization Manager 3.3 is now available.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Enterprise Virtualization Manager is a visual tool for centrally\nmanaging collections of virtual servers running Red Hat Enterprise Linux\nand Microsoft Windows. This package also includes the Red Hat Enterprise\nVirtualization Manager API, a set of scriptable commands that give\nadministrators the ability to perform queries and operations on Red Hat\nEnterprise Virtualization Manager.\n\nA flaw was found in the way Red Hat Enterprise Virtualization Manager\nrelayed SPICE connection information to remote-viewer when a native SPICE\nclient invocation method was used. As a result, remote-viewer attempted an\ninsecure connection first and only switched to a secure connection when\nrequested by the SPICE server. An attacker able to intercept the SPICE\nconnection could use this flaw to conduct man-in-the-middle attacks.\n(CVE-2013-6434)\n\nRed Hat would like to thank Michael Samuel of Amcom for reporting this\nissue.\n\nThis update also fixes several bugs and adds various enhancements.\nDocumentation for these changes will be available shortly from the\nTechnical Notes document linked to in the References section. \n\nAll Red Hat Enterprise Virtualization Manager users are advised to upgrade\nto these updated packages, which resolve these issues and add these \nenhancements.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2014:0038",
        "url": "https://access.redhat.com/errata/RHSA-2014:0038"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.3/html/Technical_Notes/chap-RHSA-20140038_-_rhevm.html",
        "url": "https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.3/html/Technical_Notes/chap-RHSA-20140038_-_rhevm.html"
      },
      {
        "category": "external",
        "summary": "618636",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=618636"
      },
      {
        "category": "external",
        "summary": "787578",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=787578"
      },
      {
        "category": "external",
        "summary": "825801",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=825801"
      },
      {
        "category": "external",
        "summary": "829672",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829672"
      },
      {
        "category": "external",
        "summary": "835543",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=835543"
      },
      {
        "category": "external",
        "summary": "838456",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=838456"
      },
      {
        "category": "external",
        "summary": "838468",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=838468"
      },
      {
        "category": "external",
        "summary": "838527",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=838527"
      },
      {
        "category": "external",
        "summary": "853739",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853739"
      },
      {
        "category": "external",
        "summary": "859727",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=859727"
      },
      {
        "category": "external",
        "summary": "863211",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=863211"
      },
      {
        "category": "external",
        "summary": "867642",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867642"
      },
      {
        "category": "external",
        "summary": "872719",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=872719"
      },
      {
        "category": "external",
        "summary": "873795",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873795"
      },
      {
        "category": "external",
        "summary": "879904",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=879904"
      },
      {
        "category": "external",
        "summary": "880773",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=880773"
      },
      {
        "category": "external",
        "summary": "885135",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=885135"
      },
      {
        "category": "external",
        "summary": "886840",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=886840"
      },
      {
        "category": "external",
        "summary": "889271",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=889271"
      },
      {
        "category": "external",
        "summary": "890568",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=890568"
      },
      {
        "category": "external",
        "summary": "891056",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=891056"
      },
      {
        "category": "external",
        "summary": "892642",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=892642"
      },
      {
        "category": "external",
        "summary": "902353",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=902353"
      },
      {
        "category": "external",
        "summary": "907491",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907491"
      },
      {
        "category": "external",
        "summary": "908327",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908327"
      },
      {
        "category": "external",
        "summary": "908656",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908656"
      },
      {
        "category": "external",
        "summary": "908835",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908835"
      },
      {
        "category": "external",
        "summary": "909270",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=909270"
      },
      {
        "category": "external",
        "summary": "909930",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=909930"
      },
      {
        "category": "external",
        "summary": "912076",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=912076"
      },
      {
        "category": "external",
        "summary": "912258",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=912258"
      },
      {
        "category": "external",
        "summary": "915778",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=915778"
      },
      {
        "category": "external",
        "summary": "915904",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=915904"
      },
      {
        "category": "external",
        "summary": "916832",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=916832"
      },
      {
        "category": "external",
        "summary": "916866",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=916866"
      },
      {
        "category": "external",
        "summary": "917586",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=917586"
      },
      {
        "category": "external",
        "summary": "918890",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=918890"
      },
      {
        "category": "external",
        "summary": "920694",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920694"
      },
      {
        "category": "external",
        "summary": "921544",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=921544"
      },
      {
        "category": "external",
        "summary": "922475",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=922475"
      },
      {
        "category": "external",
        "summary": "922504",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=922504"
      },
      {
        "category": "external",
        "summary": "922609",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=922609"
      },
      {
        "category": "external",
        "summary": "926928",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=926928"
      },
      {
        "category": "external",
        "summary": "947977",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=947977"
      },
      {
        "category": "external",
        "summary": "948481",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=948481"
      },
      {
        "category": "external",
        "summary": "948744",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=948744"
      },
      {
        "category": "external",
        "summary": "949281",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=949281"
      },
      {
        "category": "external",
        "summary": "949484",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=949484"
      },
      {
        "category": "external",
        "summary": "950768",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=950768"
      },
      {
        "category": "external",
        "summary": "952107",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952107"
      },
      {
        "category": "external",
        "summary": "952297",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952297"
      },
      {
        "category": "external",
        "summary": "953614",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953614"
      },
      {
        "category": "external",
        "summary": "953989",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953989"
      },
      {
        "category": "external",
        "summary": "955498",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=955498"
      },
      {
        "category": "external",
        "summary": "957703",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=957703"
      },
      {
        "category": "external",
        "summary": "957729",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=957729"
      },
      {
        "category": "external",
        "summary": "959879",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=959879"
      },
      {
        "category": "external",
        "summary": "960931",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=960931"
      },
      {
        "category": "external",
        "summary": "961645",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=961645"
      },
      {
        "category": "external",
        "summary": "962162",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=962162"
      },
      {
        "category": "external",
        "summary": "962177",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=962177"
      },
      {
        "category": "external",
        "summary": "965179",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=965179"
      },
      {
        "category": "external",
        "summary": "966003",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=966003"
      },
      {
        "category": "external",
        "summary": "966192",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=966192"
      },
      {
        "category": "external",
        "summary": "966198",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=966198"
      },
      {
        "category": "external",
        "summary": "966980",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=966980"
      },
      {
        "category": "external",
        "summary": "967268",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967268"
      },
      {
        "category": "external",
        "summary": "967278",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967278"
      },
      {
        "category": "external",
        "summary": "967327",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967327"
      },
      {
        "category": "external",
        "summary": "967328",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967328"
      },
      {
        "category": "external",
        "summary": "967353",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967353"
      },
      {
        "category": "external",
        "summary": "967516",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967516"
      },
      {
        "category": "external",
        "summary": "967541",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967541"
      },
      {
        "category": "external",
        "summary": "967572",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967572"
      },
      {
        "category": "external",
        "summary": "967573",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967573"
      },
      {
        "category": "external",
        "summary": "967574",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967574"
      },
      {
        "category": "external",
        "summary": "967604",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967604"
      },
      {
        "category": "external",
        "summary": "967987",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967987"
      },
      {
        "category": "external",
        "summary": "968178",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=968178"
      },
      {
        "category": "external",
        "summary": "968499",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=968499"
      },
      {
        "category": "external",
        "summary": "970046",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=970046"
      },
      {
        "category": "external",
        "summary": "970195",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=970195"
      },
      {
        "category": "external",
        "summary": "970948",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=970948"
      },
      {
        "category": "external",
        "summary": "971237",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=971237"
      },
      {
        "category": "external",
        "summary": "971346",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=971346"
      },
      {
        "category": "external",
        "summary": "971695",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=971695"
      },
      {
        "category": "external",
        "summary": "972455",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=972455"
      },
      {
        "category": "external",
        "summary": "973383",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=973383"
      },
      {
        "category": "external",
        "summary": "974066",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=974066"
      },
      {
        "category": "external",
        "summary": "974148",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=974148"
      },
      {
        "category": "external",
        "summary": "974982",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=974982"
      },
      {
        "category": "external",
        "summary": "975097",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=975097"
      },
      {
        "category": "external",
        "summary": "976671",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=976671"
      },
      {
        "category": "external",
        "summary": "977322",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=977322"
      },
      {
        "category": "external",
        "summary": "977689",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=977689"
      },
      {
        "category": "external",
        "summary": "978268",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=978268"
      },
      {
        "category": "external",
        "summary": "979763",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=979763"
      },
      {
        "category": "external",
        "summary": "980486",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=980486"
      },
      {
        "category": "external",
        "summary": "980926",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=980926"
      },
      {
        "category": "external",
        "summary": "982050",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=982050"
      },
      {
        "category": "external",
        "summary": "982527",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=982527"
      },
      {
        "category": "external",
        "summary": "982636",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=982636"
      },
      {
        "category": "external",
        "summary": "983120",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=983120"
      },
      {
        "category": "external",
        "summary": "983295",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=983295"
      },
      {
        "category": "external",
        "summary": "985635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=985635"
      },
      {
        "category": "external",
        "summary": "986700",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=986700"
      },
      {
        "category": "external",
        "summary": "986979",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=986979"
      },
      {
        "category": "external",
        "summary": "987783",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=987783"
      },
      {
        "category": "external",
        "summary": "988259",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=988259"
      },
      {
        "category": "external",
        "summary": "989041",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=989041"
      },
      {
        "category": "external",
        "summary": "993123",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=993123"
      },
      {
        "category": "external",
        "summary": "994218",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=994218"
      },
      {
        "category": "external",
        "summary": "994463",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=994463"
      },
      {
        "category": "external",
        "summary": "995501",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=995501"
      },
      {
        "category": "external",
        "summary": "996816",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=996816"
      },
      {
        "category": "external",
        "summary": "999812",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=999812"
      },
      {
        "category": "external",
        "summary": "1000789",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000789"
      },
      {
        "category": "external",
        "summary": "1002401",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1002401"
      },
      {
        "category": "external",
        "summary": "1002664",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1002664"
      },
      {
        "category": "external",
        "summary": "1003117",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1003117"
      },
      {
        "category": "external",
        "summary": "1004066",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1004066"
      },
      {
        "category": "external",
        "summary": "1005256",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1005256"
      },
      {
        "category": "external",
        "summary": "1006659",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006659"
      },
      {
        "category": "external",
        "summary": "1012798",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1012798"
      },
      {
        "category": "external",
        "summary": "1013860",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1013860"
      },
      {
        "category": "external",
        "summary": "1015148",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015148"
      },
      {
        "category": "external",
        "summary": "1015638",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015638"
      },
      {
        "category": "external",
        "summary": "1018201",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018201"
      },
      {
        "category": "external",
        "summary": "1021326",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1021326"
      },
      {
        "category": "external",
        "summary": "1023131",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1023131"
      },
      {
        "category": "external",
        "summary": "1023952",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1023952"
      },
      {
        "category": "external",
        "summary": "1028966",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1028966"
      },
      {
        "category": "external",
        "summary": "1029106",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1029106"
      },
      {
        "category": "external",
        "summary": "1029177",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1029177"
      },
      {
        "category": "external",
        "summary": "1032807",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1032807"
      },
      {
        "category": "external",
        "summary": "1037894",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1037894"
      },
      {
        "category": "external",
        "summary": "1039839",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039839"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0038.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Enterprise Virtualization Manager 3.3.0 update",
    "tracking": {
      "current_release_date": "2026-06-28T12:22:55+00:00",
      "generator": {
        "date": "2026-06-28T12:22:55+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.2.6"
        }
      },
      "id": "RHSA-2014:0038",
      "initial_release_date": "2014-01-21T17:03:06+00:00",
      "revision_history": [
        {
          "date": "2014-01-21T17:03:06+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2014-01-21T17:03:06+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-28T12:22:55+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHEV-M 3.3",
                "product": {
                  "name": "RHEV-M 3.3",
                  "product_id": "6Server-RHEV-S-3.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhev_manager:3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Virtualization"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhevm-0:3.3.0-0.45.el6ev.noarch",
                "product": {
                  "name": "rhevm-0:3.3.0-0.45.el6ev.noarch",
                  "product_id": "rhevm-0:3.3.0-0.45.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm@3.3.0-0.45.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-backend-0:3.3.0-0.45.el6ev.noarch",
                "product": {
                  "name": "rhevm-backend-0:3.3.0-0.45.el6ev.noarch",
                  "product_id": "rhevm-backend-0:3.3.0-0.45.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-backend@3.3.0-0.45.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-lib-0:3.3.0-0.45.el6ev.noarch",
                "product": {
                  "name": "rhevm-lib-0:3.3.0-0.45.el6ev.noarch",
                  "product_id": "rhevm-lib-0:3.3.0-0.45.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-lib@3.3.0-0.45.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-setup-plugin-allinone-0:3.3.0-0.45.el6ev.noarch",
                "product": {
                  "name": "rhevm-setup-plugin-allinone-0:3.3.0-0.45.el6ev.noarch",
                  "product_id": "rhevm-setup-plugin-allinone-0:3.3.0-0.45.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-setup-plugin-allinone@3.3.0-0.45.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-tools-0:3.3.0-0.45.el6ev.noarch",
                "product": {
                  "name": "rhevm-tools-0:3.3.0-0.45.el6ev.noarch",
                  "product_id": "rhevm-tools-0:3.3.0-0.45.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-tools@3.3.0-0.45.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-webadmin-portal-0:3.3.0-0.45.el6ev.noarch",
                "product": {
                  "name": "rhevm-webadmin-portal-0:3.3.0-0.45.el6ev.noarch",
                  "product_id": "rhevm-webadmin-portal-0:3.3.0-0.45.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-webadmin-portal@3.3.0-0.45.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-dbscripts-0:3.3.0-0.45.el6ev.noarch",
                "product": {
                  "name": "rhevm-dbscripts-0:3.3.0-0.45.el6ev.noarch",
                  "product_id": "rhevm-dbscripts-0:3.3.0-0.45.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-dbscripts@3.3.0-0.45.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-websocket-proxy-0:3.3.0-0.45.el6ev.noarch",
                "product": {
                  "name": "rhevm-websocket-proxy-0:3.3.0-0.45.el6ev.noarch",
                  "product_id": "rhevm-websocket-proxy-0:3.3.0-0.45.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-websocket-proxy@3.3.0-0.45.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-setup-0:3.3.0-0.45.el6ev.noarch",
                "product": {
                  "name": "rhevm-setup-0:3.3.0-0.45.el6ev.noarch",
                  "product_id": "rhevm-setup-0:3.3.0-0.45.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-setup@3.3.0-0.45.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-userportal-0:3.3.0-0.45.el6ev.noarch",
                "product": {
                  "name": "rhevm-userportal-0:3.3.0-0.45.el6ev.noarch",
                  "product_id": "rhevm-userportal-0:3.3.0-0.45.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-userportal@3.3.0-0.45.el6ev?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhevm-restapi-0:3.3.0-0.45.el6ev.noarch",
                "product": {
                  "name": "rhevm-restapi-0:3.3.0-0.45.el6ev.noarch",
                  "product_id": "rhevm-restapi-0:3.3.0-0.45.el6ev.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm-restapi@3.3.0-0.45.el6ev?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhevm-0:3.3.0-0.45.el6ev.src",
                "product": {
                  "name": "rhevm-0:3.3.0-0.45.el6ev.src",
                  "product_id": "rhevm-0:3.3.0-0.45.el6ev.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhevm@3.3.0-0.45.el6ev?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-0:3.3.0-0.45.el6ev.noarch as a component of RHEV-M 3.3",
          "product_id": "6Server-RHEV-S-3.3:rhevm-0:3.3.0-0.45.el6ev.noarch"
        },
        "product_reference": "rhevm-0:3.3.0-0.45.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-0:3.3.0-0.45.el6ev.src as a component of RHEV-M 3.3",
          "product_id": "6Server-RHEV-S-3.3:rhevm-0:3.3.0-0.45.el6ev.src"
        },
        "product_reference": "rhevm-0:3.3.0-0.45.el6ev.src",
        "relates_to_product_reference": "6Server-RHEV-S-3.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-backend-0:3.3.0-0.45.el6ev.noarch as a component of RHEV-M 3.3",
          "product_id": "6Server-RHEV-S-3.3:rhevm-backend-0:3.3.0-0.45.el6ev.noarch"
        },
        "product_reference": "rhevm-backend-0:3.3.0-0.45.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-dbscripts-0:3.3.0-0.45.el6ev.noarch as a component of RHEV-M 3.3",
          "product_id": "6Server-RHEV-S-3.3:rhevm-dbscripts-0:3.3.0-0.45.el6ev.noarch"
        },
        "product_reference": "rhevm-dbscripts-0:3.3.0-0.45.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-lib-0:3.3.0-0.45.el6ev.noarch as a component of RHEV-M 3.3",
          "product_id": "6Server-RHEV-S-3.3:rhevm-lib-0:3.3.0-0.45.el6ev.noarch"
        },
        "product_reference": "rhevm-lib-0:3.3.0-0.45.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-restapi-0:3.3.0-0.45.el6ev.noarch as a component of RHEV-M 3.3",
          "product_id": "6Server-RHEV-S-3.3:rhevm-restapi-0:3.3.0-0.45.el6ev.noarch"
        },
        "product_reference": "rhevm-restapi-0:3.3.0-0.45.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-setup-0:3.3.0-0.45.el6ev.noarch as a component of RHEV-M 3.3",
          "product_id": "6Server-RHEV-S-3.3:rhevm-setup-0:3.3.0-0.45.el6ev.noarch"
        },
        "product_reference": "rhevm-setup-0:3.3.0-0.45.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-setup-plugin-allinone-0:3.3.0-0.45.el6ev.noarch as a component of RHEV-M 3.3",
          "product_id": "6Server-RHEV-S-3.3:rhevm-setup-plugin-allinone-0:3.3.0-0.45.el6ev.noarch"
        },
        "product_reference": "rhevm-setup-plugin-allinone-0:3.3.0-0.45.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-tools-0:3.3.0-0.45.el6ev.noarch as a component of RHEV-M 3.3",
          "product_id": "6Server-RHEV-S-3.3:rhevm-tools-0:3.3.0-0.45.el6ev.noarch"
        },
        "product_reference": "rhevm-tools-0:3.3.0-0.45.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-userportal-0:3.3.0-0.45.el6ev.noarch as a component of RHEV-M 3.3",
          "product_id": "6Server-RHEV-S-3.3:rhevm-userportal-0:3.3.0-0.45.el6ev.noarch"
        },
        "product_reference": "rhevm-userportal-0:3.3.0-0.45.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-webadmin-portal-0:3.3.0-0.45.el6ev.noarch as a component of RHEV-M 3.3",
          "product_id": "6Server-RHEV-S-3.3:rhevm-webadmin-portal-0:3.3.0-0.45.el6ev.noarch"
        },
        "product_reference": "rhevm-webadmin-portal-0:3.3.0-0.45.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhevm-websocket-proxy-0:3.3.0-0.45.el6ev.noarch as a component of RHEV-M 3.3",
          "product_id": "6Server-RHEV-S-3.3:rhevm-websocket-proxy-0:3.3.0-0.45.el6ev.noarch"
        },
        "product_reference": "rhevm-websocket-proxy-0:3.3.0-0.45.el6ev.noarch",
        "relates_to_product_reference": "6Server-RHEV-S-3.3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Michael Samuel"
          ],
          "organization": "Amcom"
        }
      ],
      "cve": "CVE-2013-6434",
      "cwe": {
        "id": "CWE-300",
        "name": "Channel Accessible by Non-Endpoint"
      },
      "discovery_date": "2013-12-04T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1039839"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The remote-viewer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.3, when using a native SPICE client invocation method, initially makes insecure connections to the SPICE server, which allows man-in-the-middle attackers to spoof the SPICE server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "rhev: remote-viewer spice tls-stripping issue",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHEV-S-3.3:rhevm-0:3.3.0-0.45.el6ev.noarch",
          "6Server-RHEV-S-3.3:rhevm-0:3.3.0-0.45.el6ev.src",
          "6Server-RHEV-S-3.3:rhevm-backend-0:3.3.0-0.45.el6ev.noarch",
          "6Server-RHEV-S-3.3:rhevm-dbscripts-0:3.3.0-0.45.el6ev.noarch",
          "6Server-RHEV-S-3.3:rhevm-lib-0:3.3.0-0.45.el6ev.noarch",
          "6Server-RHEV-S-3.3:rhevm-restapi-0:3.3.0-0.45.el6ev.noarch",
          "6Server-RHEV-S-3.3:rhevm-setup-0:3.3.0-0.45.el6ev.noarch",
          "6Server-RHEV-S-3.3:rhevm-setup-plugin-allinone-0:3.3.0-0.45.el6ev.noarch",
          "6Server-RHEV-S-3.3:rhevm-tools-0:3.3.0-0.45.el6ev.noarch",
          "6Server-RHEV-S-3.3:rhevm-userportal-0:3.3.0-0.45.el6ev.noarch",
          "6Server-RHEV-S-3.3:rhevm-webadmin-portal-0:3.3.0-0.45.el6ev.noarch",
          "6Server-RHEV-S-3.3:rhevm-websocket-proxy-0:3.3.0-0.45.el6ev.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-6434"
        },
        {
          "category": "external",
          "summary": "RHBZ#1039839",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039839"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-6434",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-6434"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6434",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6434"
        }
      ],
      "release_date": "2014-01-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2014-01-21T17:03:06+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
          "product_ids": [
            "6Server-RHEV-S-3.3:rhevm-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-0:3.3.0-0.45.el6ev.src",
            "6Server-RHEV-S-3.3:rhevm-backend-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-dbscripts-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-lib-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-restapi-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-setup-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-setup-plugin-allinone-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-tools-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-userportal-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-webadmin-portal-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-websocket-proxy-0:3.3.0-0.45.el6ev.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2014:0038"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-RHEV-S-3.3:rhevm-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-0:3.3.0-0.45.el6ev.src",
            "6Server-RHEV-S-3.3:rhevm-backend-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-dbscripts-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-lib-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-restapi-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-setup-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-setup-plugin-allinone-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-tools-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-userportal-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-webadmin-portal-0:3.3.0-0.45.el6ev.noarch",
            "6Server-RHEV-S-3.3:rhevm-websocket-proxy-0:3.3.0-0.45.el6ev.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "rhev: remote-viewer spice tls-stripping issue"
    }
  ]
}