CVE-2012-4411

EPSS 0.09%
Published 23.11.2012 20:55:03
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor.  NOTE: this might be a duplicate of CVE-2007-0998.

Affected products Warnungen 0 Metrics 2 CWE 1 References 22

Data is provided by the National Vulnerability Database (NVD)

Xen ≫ Xen Version4.0.0

Xen ≫ Xen Version4.1.0

Xen ≫ Xen Version4.2.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.09%	0.217

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	3.1	6.9	AV:L/AC:L/Au:S/C:C/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html

http://secunia.com/advisories/51413

http://secunia.com/advisories/55082

http://security.gentoo.org/glsa/glsa-201309-24.xml

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html

http://secunia.com/advisories/51324

http://secunia.com/advisories/51352

https://security.gentoo.org/glsa/201604-03

http://www.debian.org/security/2012/dsa-2543

http://lists.xen.org/archives/html/xen-announce/2012-09/msg00007.html

http://lists.xen.org/archives/html/xen-announce/2012-09/msg00008.html

Vendor Advisory

http://secunia.com/advisories/50493

Vendor Advisory

http://www.openwall.com/lists/oss-security/2012/09/06/2

http://www.openwall.com/lists/oss-security/2012/09/06/7

http://www.openwall.com/lists/oss-security/2012/09/07/5

http://www.securityfocus.com/bid/55442

https://nvd.nist.gov/vuln/detail/CVE-2012-4411

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-4411

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-4411

EUVD