Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:34506
HistoryMar 04, 2022 - 7:05 a.m.

Denial Of Service (DoS)

2022-03-0407:05:25
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

libvirt.so is vulnerable to denial of service. Lack of proper handling of a locked virStoragePoolObj object to release on ACL permission failure in the function virStoragePoolLookupByTargetPath allows other users to access storage pool APIs, causing an application crash.

CPENameOperatorVersion
libvirt.sole0.8000.0
libvirt.sole0.8000.0

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

Related for VERACODE:34506