Lucene search

RedhatCVE-2012-2693

HistoryJun 17, 2012 - 3:41 a.m.

CVE-2012-2693

2012-06-1703:41:42

CWE-264

redhat

web.nvd.nist.gov

libvirt

usb devices

virtual machines

vendor and product id

security vulnerability

local access

CVSS2

3.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.1

Confidence

Low

EPSS

Percentile

5.1%

JSON

libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices.

Affected configurations

Nvd

Node

redhatlibvirtRange≤0.9.11

redhatlibvirtMatch0.0.1

redhatlibvirtMatch0.0.2

redhatlibvirtMatch0.0.3

redhatlibvirtMatch0.0.4

redhatlibvirtMatch0.0.5

redhatlibvirtMatch0.0.6

redhatlibvirtMatch0.1.0

redhatlibvirtMatch0.1.1

redhatlibvirtMatch0.1.3

redhatlibvirtMatch0.1.4

redhatlibvirtMatch0.1.5

redhatlibvirtMatch0.1.6

redhatlibvirtMatch0.1.7

redhatlibvirtMatch0.1.8

redhatlibvirtMatch0.1.9

redhatlibvirtMatch0.2.0

redhatlibvirtMatch0.2.1

redhatlibvirtMatch0.2.2

redhatlibvirtMatch0.2.3

redhatlibvirtMatch0.3.0

redhatlibvirtMatch0.3.1

redhatlibvirtMatch0.3.2

redhatlibvirtMatch0.3.3

redhatlibvirtMatch0.4.0

redhatlibvirtMatch0.4.1

redhatlibvirtMatch0.4.2

redhatlibvirtMatch0.4.3

redhatlibvirtMatch0.4.4

redhatlibvirtMatch0.4.5

redhatlibvirtMatch0.4.6

redhatlibvirtMatch0.5.0

redhatlibvirtMatch0.5.1

redhatlibvirtMatch0.6.0

redhatlibvirtMatch0.6.1

redhatlibvirtMatch0.6.2

redhatlibvirtMatch0.6.3

redhatlibvirtMatch0.6.4

redhatlibvirtMatch0.6.5

redhatlibvirtMatch0.7.0

redhatlibvirtMatch0.7.1

redhatlibvirtMatch0.7.2

redhatlibvirtMatch0.7.3

redhatlibvirtMatch0.7.4

redhatlibvirtMatch0.7.5

redhatlibvirtMatch0.7.6

redhatlibvirtMatch0.7.7

redhatlibvirtMatch0.8.0

redhatlibvirtMatch0.8.1

redhatlibvirtMatch0.8.2

redhatlibvirtMatch0.8.3

redhatlibvirtMatch0.8.4

redhatlibvirtMatch0.8.5

redhatlibvirtMatch0.8.6

redhatlibvirtMatch0.8.7

redhatlibvirtMatch0.8.8

redhatlibvirtMatch0.9.0

redhatlibvirtMatch0.9.1

redhatlibvirtMatch0.9.2

redhatlibvirtMatch0.9.3

redhatlibvirtMatch0.9.4

redhatlibvirtMatch0.9.5

redhatlibvirtMatch0.9.6

redhatlibvirtMatch0.9.7

redhatlibvirtMatch0.9.8

redhatlibvirtMatch0.9.9

redhatlibvirtMatch0.9.10

VendorProductVersionCPE
redhatlibvirt*cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*
redhatlibvirt0.0.1cpe:2.3:a:redhat:libvirt:0.0.1:*:*:*:*:*:*:*
redhatlibvirt0.0.2cpe:2.3:a:redhat:libvirt:0.0.2:*:*:*:*:*:*:*
redhatlibvirt0.0.3cpe:2.3:a:redhat:libvirt:0.0.3:*:*:*:*:*:*:*
redhatlibvirt0.0.4cpe:2.3:a:redhat:libvirt:0.0.4:*:*:*:*:*:*:*
redhatlibvirt0.0.5cpe:2.3:a:redhat:libvirt:0.0.5:*:*:*:*:*:*:*
redhatlibvirt0.0.6cpe:2.3:a:redhat:libvirt:0.0.6:*:*:*:*:*:*:*
redhatlibvirt0.1.0cpe:2.3:a:redhat:libvirt:0.1.0:*:*:*:*:*:*:*
redhatlibvirt0.1.1cpe:2.3:a:redhat:libvirt:0.1.1:*:*:*:*:*:*:*
redhatlibvirt0.1.3cpe:2.3:a:redhat:libvirt:0.1.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	libvirt	*	cpe:2.3:a:redhat:libvirt::::::::
redhat	libvirt	0.0.1	cpe:2.3:a:redhat:libvirt:0.0.1:::::::*
redhat	libvirt	0.0.2	cpe:2.3:a:redhat:libvirt:0.0.2:::::::*
redhat	libvirt	0.0.3	cpe:2.3:a:redhat:libvirt:0.0.3:::::::*
redhat	libvirt	0.0.4	cpe:2.3:a:redhat:libvirt:0.0.4:::::::*
redhat	libvirt	0.0.5	cpe:2.3:a:redhat:libvirt:0.0.5:::::::*
redhat	libvirt	0.0.6	cpe:2.3:a:redhat:libvirt:0.0.6:::::::*
redhat	libvirt	0.1.0	cpe:2.3:a:redhat:libvirt:0.1.0:::::::*
redhat	libvirt	0.1.1	cpe:2.3:a:redhat:libvirt:0.1.1:::::::*
redhat	libvirt	0.1.3	cpe:2.3:a:redhat:libvirt:0.1.3:::::::*