CVE-2015-0236

Published Jan 29, 2015

Last updated 3 months ago

CVSS info 3.5

Overview

Description: libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 3.5
Impact score: 2.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F805A106-9A6F-48E7-8582-D3C5A26DFC11"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8A22EF4-358B-4D85-BC9E-CADD6DF4643B",
            "versionEndIncluding": "1.2.11"
          },
          {
            "criteria": "cpe:2.3:a:redhat:libvirt:1.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "527B9236-CA4E-42A8-8C7A-2FB92BE2B4B9"
          },
          {
            "criteria": "cpe:2.3:a:redhat:libvirt:1.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA9572AC-1D6D-4AA1-AEF0-CB9143F38215"
          },
          {
            "criteria": "cpe:2.3:a:redhat:libvirt:1.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D6B6D6F-6CD3-43C3-B1EC-18DEC89DFDA6"
          },
          {
            "criteria": "cpe:2.3:a:redhat:libvirt:1.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF21D58D-6952-4C72-94C3-32421499AFCE"
          },
          {
            "criteria": "cpe:2.3:a:redhat:libvirt:1.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83403472-4883-4914-846A-3C3E912C5573"
          },
          {
            "criteria": "cpe:2.3:a:redhat:libvirt:1.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00DF70BC-8C33-4B01-9BF7-4D260E68DBAD"
          },
          {
            "criteria": "cpe:2.3:a:redhat:libvirt:1.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEEF1A5E-E1FD-4D28-B90A-86D78ABE3F58"
          },
          {
            "criteria": "cpe:2.3:a:redhat:libvirt:1.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49568634-FD82-43E0-B60F-28896999CF48"
          },
          {
            "criteria": "cpe:2.3:a:redhat:libvirt:1.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC1E4E78-937D-4BF1-B45E-74B24A02C97D"
          },
          {
            "criteria": "cpe:2.3:a:redhat:libvirt:1.2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E80222EC-EA2E-444B-A51C-0287055A598C"
          },
          {
            "criteria": "cpe:2.3:a:redhat:libvirt:1.2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CA535BD-4D1A-4BD6-9EF0-1E57A80E6466"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F"
          },
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References