PT-2008-6233 · Libvirt+1 · Libvirt+1

Daniel Berrange

Publicado

2008-12-19

Atualizado

2024-06-15

CVE-2008-5086

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions libvirt versions 0.3.2 through 0.5.1

Description The issue allows local users to bypass intended access restrictions and perform administrative actions due to multiple methods in libvirt not checking if a connection is read-only.

Recommendations For libvirt versions 0.3.2 through 0.5.1, consider restricting access to administrative actions until a patch is available. As a temporary workaround, review and enforce connection permissions to prevent unauthorized access.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2008-5086

OPENSUSE-SU-2024:11008-1

RHSA-2009:0382

RHSA-2009_0382

Produtos afetados

Red Hat

Libvirt

PT-2008-6233 · Libvirt+1 · Libvirt+1

CVE-2008-5086

Identificadores relacionados

Produtos afetados

Referências · 46