Lucene search

K
osvGoogleOSV:CVE-2020-14301
HistoryMay 27, 2021 - 8:15 p.m.

CVE-2020-14301

2021-05-2720:15:07
Google
osv.dev
18
vulnerability
information disclosure
libvirt
http cookies
network-based disks
xml dump
guest domain
attacker
sensitive information
domain configuration

AI Score

6

Confidence

Low

EPSS

0.001

Percentile

28.5%

An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the dumpxml command.