CVE-2014-7823

2014-11-13T21:32:00
ID CVE-2014-7823
Type cve
Reporter cve@mitre.org
Modified 2017-01-03T02:59:00

Description

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.