PT-2012-5383 · Xen+1 · Xen+1

Kurt Seifried

·

Published

2012-11-23

·

Updated

2024-06-15

·

CVE-2012-4411

CVSS v2.0

4.6

Medium

VectorAV:L/AC:L/Au:S/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions Xen versions 4.0 through 4.2
Description The graphical console in Xen allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor.
Recommendations For versions 4.0 through 4.2, consider restricting access to the qemu monitor to minimize the risk of exploitation.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2012-4411
DSA-2543-1
OPENSUSE-SU-2012_1572-1
OPENSUSE-SU-2012_1573-1
OPENSUSE-SU-2024:10196-1

Affected Products

Suse
Xen