CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2015-5160 – libvirt: Ceph id/key leaked in the process list
https://notcve.org/view.php?id=CVE-2015-5160
libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing. libvirt en versiones anteriores a la 2.2 incluye las credenciales de Ceph en la línea de comandos qemu cuando se utiliza RADOS Block Device (también conocido como RBD), lo que permite a los usuarios locales obtener información sensible mediante un listado de procesos. It was found that the libvirt daemon, when using RBD (RADOS Block Device), leaked private credentials to the process list. A local attacker could use this flaw to perform certain privileged operations within the cluster. • http://rhn.redhat.com/errata/RHSA-2016-2577.html http://www.openwall.com/lists/oss-security/2017/07/21/3 https://bugs.launchpad.net/ossn/+bug/1686743 https://bugzilla.redhat.com/show_bug.cgi?id=1245647 https://wiki.openstack.org/wiki/OSSN/OSSN-0079 https://access.redhat.com/security/cve/CVE-2015-5160 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2016-5008 – libvirt: Setting empty VNC password allows access to unauthorized users
https://notcve.org/view.php?id=CVE-2016-5008
libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server. libvirt en versiones anteriores a 2.0.0 desactiva inadecuadamente la comprobación de contraseñas cuando la contraseña en un servidor VNC está establecida en una cadena vacía, lo que permite a atacantes remotos eludir la autenticación y establecer una sesióin VNC conectándose al servidor. It was found that setting a VNC password to an empty string in libvirt did not disable all access to the VNC server as documented, instead it allowed access with no authentication required. An attacker could use this flaw to access a VNC server with an empty VNC password without any authentication. • http://lists.opensuse.org/opensuse-updates/2016-07/msg00054.html http://lists.opensuse.org/opensuse-updates/2016-07/msg00055.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00024.html http://rhn.redhat.com/errata/RHSA-2016-2577.html http://security.libvirt.org/2016/0001.html http://www.debian.org/security/2016/dsa-3613 http://www.securityfocus.com/bid/91562 https://bugzilla.redhat.com/show_bug.cgi?id=1180092 https://lists.fedoraproject.org/archives/list/package-announc • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3672
https://notcve.org/view.php?id=CVE-2014-3672
The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr. La implementación de qemu en libvirt en versiones anteriores a 1.3.0 y Xen permite a usuarios locales del SO invitado provocar una denegación de servicio (consumo de disco anfitrión) escribiendo stdout o stderr. • http://www.openwall.com/lists/oss-security/2016/05/24/5 http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://www.securitytracker.com/id/1035945 http://xenbits.xen.org/xsa/advisory-180.html https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=0d968ad715475a1660779bcdd2c5b38ad63db4cf https://libvirt.org/news-2015.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2011-4600
https://notcve.org/view.php?id=CVE-2011-4600
The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a (1) DNS or (2) DHCP query. La función networkReloadIptablesRules en network/bridge_driver.c en libvirt en versiones anteriores a 0.9.9 no maneja correctamente las reglas del firewall en redes puente cuando se reinicia libvirtd, lo que podría permitir a atacantes remotos eludir las restricciones de acceso previstas a través de una consulta (1) DNS o (2) DHCP. • http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=ae1232b298323dd7bef909426e2ebafa6bca9157 http://libvirt.org/news-2012.html http://www.ubuntu.com/usn/USN-2867-1 https://bugzilla.redhat.com/show_bug.cgi?id=760442 • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2015-5247
https://notcve.org/view.php?id=CVE-2015-5247
The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool. La API virStorageVolCreateXML en libvirt 1.2.14 hasta la versión 1.2.19 permite a usuarios remotos autenticados con una conexión de lectura-escritura causar una denegación de servicio (caída de libvirtd) desencadenando una desvinculación fallida después de crear un volumen en un pool NFS root_squash. • http://security.libvirt.org/2015/0003.html http://www.ubuntu.com/usn/USN-2867-1 • CWE-284: Improper Access Control •