Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-10746

Опубликовано: 18 апр. 2019
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5libvirtNot affected
Red Hat Enterprise Linux 6libvirtNot affected
Red Hat Enterprise Linux 7libvirtNot affected
Red Hat Storage 3libvirtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-648
https://bugzilla.redhat.com/show_bug.cgi?id=1705507libvirt: libvirt-domain.c supports virDomainGetTime API calls with an RO connection instead of RW connection

EPSS

Процентиль: 67%
0.00548
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2016-10746

CVSS3: 7.5
ubuntu
почти 7 лет назад

libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886.

nvd логотип

CVE-2016-10746

CVSS3: 7.5
nvd
почти 7 лет назад

libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886.

debian логотип

CVE-2016-10746

CVSS3: 7.5
debian
почти 7 лет назад

libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API ...

suse-cvrf логотип

SUSE-SU-2019:14146-1

suse-cvrf
больше 6 лет назад

Security update for libvirt and libvirt-python

github логотип

GHSA-66gq-pc92-3m6j

CVSS3: 7.5
github
больше 3 лет назад

libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886.

EPSS

Процентиль: 67%
0.00548
Низкий

7.5 High

CVSS3