Lucene search

K

RedhatCVELIST:CVE-2019-3886

HistoryApr 04, 2019 - 12:00 a.m.

CVE-2019-3886

2019-04-0400:00:00

CWE-862

redhat

www.cve.org

1

5.4 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

5.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.3%

An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.

CNA Affected

[
  {
    "vendor": "The libvirt Project",
    "product": "libvirt",
    "versions": [
      {
        "version": "4.8.0 and above",
        "status": "affected"
      }
    ]
  }
]

References

lists.opensuse.org/opensuse-security-announce/2019-04/msg00105.html

www.securityfocus.com/bid/107777

access.redhat.com/errata/RHBA-2019:3723

bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3886

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CYMNKXAUBZCFBBPFH64FJPH5EJH4GSU2/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5DHYIFECZ7BMVXK4EP4FDFZXK7I5MZH/

usn.ubuntu.com/4021-1/

5.4 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

5.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.3%

Related for CVELIST:CVE-2019-3886

prion2 osv2 openvas14 debiancve2 cbl_mariner1 nvd2 cve2 redhatcve2 ubuntucve2 nessus14 veracode1 ubuntu1 cvelist1 suse1 mageia1 fedora2