CVE-2012-4411

EPSS 0.09%
Veröffentlicht 23.11.2012 20:55:03
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor.  NOTE: this might be a duplicate of CVE-2007-0998.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 22

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Xen ≫ Xen Version4.0.0

Xen ≫ Xen Version4.1.0

Xen ≫ Xen Version4.2.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.09%	0.217

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.1	6.9	AV:L/AC:L/Au:S/C:C/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html

http://secunia.com/advisories/51413

http://secunia.com/advisories/55082

http://security.gentoo.org/glsa/glsa-201309-24.xml

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html

http://secunia.com/advisories/51324

http://secunia.com/advisories/51352

https://security.gentoo.org/glsa/201604-03

http://www.debian.org/security/2012/dsa-2543

http://lists.xen.org/archives/html/xen-announce/2012-09/msg00007.html

http://lists.xen.org/archives/html/xen-announce/2012-09/msg00008.html

Vendor Advisory

http://secunia.com/advisories/50493

Vendor Advisory

http://www.openwall.com/lists/oss-security/2012/09/06/2

http://www.openwall.com/lists/oss-security/2012/09/06/7

http://www.openwall.com/lists/oss-security/2012/09/07/5

http://www.securityfocus.com/bid/55442

https://nvd.nist.gov/vuln/detail/CVE-2012-4411

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-4411

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-4411

EUVD