PT-2010-4945 · Oracle · Oracle Vm

Published

2010-10-14

Updated

2018-10-10

CVE-2010-3584

CVSS v2.0

4.3

Medium

Vector

AV:L/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Oracle VM version 2.2.1

Description The issue affects confidentiality, integrity, and availability. It is related to the ovs-agent in Oracle VM. There are claims from a third-party researcher that this issue might be related to the storage of passwords and password hashes in cleartext in files with insecure permissions.

Recommendations For Oracle VM version 2.2.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2010-3584

Affected Products

Oracle Vm

PT-2010-4945 · Oracle · Oracle Vm

CVE-2010-3584

Related Identifiers

Affected Products

References · 4