Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-10166

Опубликовано: 02 авг. 2019
Источник: nvd
CVSS3: 7.8
CVSS3: 7.8
CVSS2: 4.6
EPSS Низкий

Описание

It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*
Версия от 4.0.0 (включая) до 4.10.1 (исключая)
cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*
Версия от 5.0.0 (включая) до 5.4.1 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:virtualization:4.3:*:*:*:*:*:*:*

EPSS

Процентиль: 5%
0.00025
Низкий

7.8 High

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-284
NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2019-10166

CVSS3: 7.8
ubuntu
почти 6 лет назад

It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.

redhat логотип

CVE-2019-10166

CVSS3: 7.8
redhat
около 6 лет назад

It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.

debian логотип

CVE-2019-10166

CVSS3: 7.8
debian
почти 6 лет назад

It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x. ...

github логотип

GHSA-g9cg-gvh5-48hm

github
около 3 лет назад

It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.

fstec логотип

BDU:2019-02445

fstec
около 6 лет назад

Уязвимость функции virDomainManagedSaveDefineXML библиотеки libvirtd, позволяющая нарушителю изменять произвольные файлы

EPSS

Процентиль: 5%
0.00025
Низкий

7.8 High

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-284
NVD-CWE-Other