Lucene search

[email protected]NVD:CVE-2010-2242

HistoryAug 19, 2010 - 6:00 p.m.

CVE-2010-2242

2010-08-1918:00:03

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

26.4%

JSON

Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree.

Affected configurations

Nvd

Node

libvirtlibvirtMatch0.2.0

libvirtlibvirtMatch0.2.1

libvirtlibvirtMatch0.2.2

libvirtlibvirtMatch0.2.3

libvirtlibvirtMatch0.3.0

libvirtlibvirtMatch0.3.1

libvirtlibvirtMatch0.3.2

libvirtlibvirtMatch0.3.3

libvirtlibvirtMatch0.4.0

libvirtlibvirtMatch0.4.1

libvirtlibvirtMatch0.4.2

libvirtlibvirtMatch0.4.3

libvirtlibvirtMatch0.4.4

libvirtlibvirtMatch0.4.6

libvirtlibvirtMatch0.5.0

libvirtlibvirtMatch0.5.1

libvirtlibvirtMatch0.6.0

libvirtlibvirtMatch0.6.1

libvirtlibvirtMatch0.6.2

libvirtlibvirtMatch0.6.3

libvirtlibvirtMatch0.6.4

libvirtlibvirtMatch0.6.5

libvirtlibvirtMatch0.7.0

libvirtlibvirtMatch0.7.1

libvirtlibvirtMatch0.7.2

libvirtlibvirtMatch0.7.3

libvirtlibvirtMatch0.7.4

libvirtlibvirtMatch0.7.5

libvirtlibvirtMatch0.7.6

libvirtlibvirtMatch0.7.7

libvirtlibvirtMatch0.8.0

libvirtlibvirtMatch0.8.1

libvirtlibvirtMatch0.8.2

VendorProductVersionCPE
libvirtlibvirt0.2.0cpe:2.3:a:libvirt:libvirt:0.2.0:*:*:*:*:*:*:*
libvirtlibvirt0.2.1cpe:2.3:a:libvirt:libvirt:0.2.1:*:*:*:*:*:*:*
libvirtlibvirt0.2.2cpe:2.3:a:libvirt:libvirt:0.2.2:*:*:*:*:*:*:*
libvirtlibvirt0.2.3cpe:2.3:a:libvirt:libvirt:0.2.3:*:*:*:*:*:*:*
libvirtlibvirt0.3.0cpe:2.3:a:libvirt:libvirt:0.3.0:*:*:*:*:*:*:*
libvirtlibvirt0.3.1cpe:2.3:a:libvirt:libvirt:0.3.1:*:*:*:*:*:*:*
libvirtlibvirt0.3.2cpe:2.3:a:libvirt:libvirt:0.3.2:*:*:*:*:*:*:*
libvirtlibvirt0.3.3cpe:2.3:a:libvirt:libvirt:0.3.3:*:*:*:*:*:*:*
libvirtlibvirt0.4.0cpe:2.3:a:libvirt:libvirt:0.4.0:*:*:*:*:*:*:*
libvirtlibvirt0.4.1cpe:2.3:a:libvirt:libvirt:0.4.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
libvirt	libvirt	0.2.0	cpe:2.3:a:libvirt:libvirt:0.2.0:::::::*
libvirt	libvirt	0.2.1	cpe:2.3:a:libvirt:libvirt:0.2.1:::::::*
libvirt	libvirt	0.2.2	cpe:2.3:a:libvirt:libvirt:0.2.2:::::::*
libvirt	libvirt	0.2.3	cpe:2.3:a:libvirt:libvirt:0.2.3:::::::*
libvirt	libvirt	0.3.0	cpe:2.3:a:libvirt:libvirt:0.3.0:::::::*
libvirt	libvirt	0.3.1	cpe:2.3:a:libvirt:libvirt:0.3.1:::::::*
libvirt	libvirt	0.3.2	cpe:2.3:a:libvirt:libvirt:0.3.2:::::::*
libvirt	libvirt	0.3.3	cpe:2.3:a:libvirt:libvirt:0.3.3:::::::*
libvirt	libvirt	0.4.0	cpe:2.3:a:libvirt:libvirt:0.4.0:::::::*
libvirt	libvirt	0.4.1	cpe:2.3:a:libvirt:libvirt:0.4.1:::::::*