CVE-2014-7823

Published: 05 Nov 2014
Source: redhat
CVSS2: 3.3
EPSS: Low

Description

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.

It was found that when the VIR_DOMAIN_XML_MIGRATABLE flag was used, the QEMU driver implementation of the virDomainGetXMLDesc() function could bypass the restrictions of the VIR_DOMAIN_XML_SECURE flag. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to leak certain limited information from the domain XML data.

Statement

This issue does not affect the versions of libvirt packages as shipped with Red Hat Enterprise Linux 5. This issue does affect the versions of libvirt packages as shipped with Red Hat Enterprise Linux 6 and 7. Future updates may address this issue in the respective Red Hat Enterprise Linux releases.

Affected packages

| Platform | Package | State | Advisory | Release |
| --- | --- | --- | --- | --- |
| Red Hat Enterprise Linux 5 | libvirt | Not affected | | |
| Red Hat Storage 2.1 | libvirt | Under investigation | | |
| Red Hat Enterprise Linux 6 | libvirt | Fixed | RHSA-2014:1873 | 18.11.2014 |
| Red Hat Enterprise Linux 7 | libvirt | Fixed | RHSA-2015:0008 | 05.01.2015 |

Additional information

Status: Low

https://bugzilla.redhat.com/show_bug.cgi?id=1160817 libvirt: dumpxml: information leak with migratable flag

EPSS

Percentile: 66%
0.00531
Low

3.3 Low

CVSS2

Related vulnerabilities

ubuntu
almost 11 years ago

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.

nvd
almost 11 years ago

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.

debian
almost 11 years ago

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote rea ...

github
more than 3 years ago

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.

oracle-oval
more than 10 years ago

ELSA-2015-0008: libvirt security and bug fix update (LOW)
