CVE
CVE-2026-22598
ManageIQ vulnerable to DoS Attack when creating TimeProfiles
ManageIQ is an open-source management platform. A flaw was found in the ManageIQ API prior to version radjabov-2 where a malformed TimeProfile could be created causing later UI and API requests to timeout leading to a Denial of Service. Version radjabov-2 contains a patch. One may also apply the patch manually.
Package Versions Affected
Package Version
patch Availability
No items found.
Automatically patch vulnerabilities without upgrading
Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request
CVSS Version
Severity
Base Score
CVSS Version
Score Vector
C
H
U
7.1
-
4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
C
H
U
0
-
C
H
U
-
Related Resources
No items found.
References
https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/22xxx/CVE-2026-22598.json, https://github.com/ManageIQ/manageiq/commit/79cef10c7d0278d8a37c3f547c426948180df4df.patch, https://github.com/ManageIQ/manageiq/commit/86132851257d73ed9e31a88315e47a8a2b838113, https://github.com/ManageIQ/manageiq/security/advisories/GHSA-m832-x3g8-63j3, https://nvd.nist.gov/vuln/detail/CVE-2026-22598
Basic Information
Ecosystem
