Lucene search
HistoryJun 17, 2012 - 3:41 a.m.
CVE-2012-2693
CVSS2
3.7
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices.
Affected configurations
Node
redhatlibvirtRange≤0.9.11
ORredhatlibvirtMatch0.0.1
ORredhatlibvirtMatch0.0.2
ORredhatlibvirtMatch0.0.3
ORredhatlibvirtMatch0.0.4
ORredhatlibvirtMatch0.0.5
ORredhatlibvirtMatch0.0.6
ORredhatlibvirtMatch0.1.0
ORredhatlibvirtMatch0.1.1
ORredhatlibvirtMatch0.1.3
ORredhatlibvirtMatch0.1.4
ORredhatlibvirtMatch0.1.5
ORredhatlibvirtMatch0.1.6
ORredhatlibvirtMatch0.1.7
ORredhatlibvirtMatch0.1.8
ORredhatlibvirtMatch0.1.9
ORredhatlibvirtMatch0.2.0
ORredhatlibvirtMatch0.2.1
ORredhatlibvirtMatch0.2.2
ORredhatlibvirtMatch0.2.3
ORredhatlibvirtMatch0.3.0
ORredhatlibvirtMatch0.3.1
ORredhatlibvirtMatch0.3.2
ORredhatlibvirtMatch0.3.3
ORredhatlibvirtMatch0.4.0
ORredhatlibvirtMatch0.4.1
ORredhatlibvirtMatch0.4.2
ORredhatlibvirtMatch0.4.3
ORredhatlibvirtMatch0.4.4
ORredhatlibvirtMatch0.4.5
ORredhatlibvirtMatch0.4.6
ORredhatlibvirtMatch0.5.0
ORredhatlibvirtMatch0.5.1
ORredhatlibvirtMatch0.6.0
ORredhatlibvirtMatch0.6.1
ORredhatlibvirtMatch0.6.2
ORredhatlibvirtMatch0.6.3
ORredhatlibvirtMatch0.6.4
ORredhatlibvirtMatch0.6.5
ORredhatlibvirtMatch0.7.0
ORredhatlibvirtMatch0.7.1
ORredhatlibvirtMatch0.7.2
ORredhatlibvirtMatch0.7.3
ORredhatlibvirtMatch0.7.4
ORredhatlibvirtMatch0.7.5
ORredhatlibvirtMatch0.7.6
ORredhatlibvirtMatch0.7.7
ORredhatlibvirtMatch0.8.0
ORredhatlibvirtMatch0.8.1
ORredhatlibvirtMatch0.8.2
ORredhatlibvirtMatch0.8.3
ORredhatlibvirtMatch0.8.4
ORredhatlibvirtMatch0.8.5
ORredhatlibvirtMatch0.8.6
ORredhatlibvirtMatch0.8.7
ORredhatlibvirtMatch0.8.8
ORredhatlibvirtMatch0.9.0
ORredhatlibvirtMatch0.9.1
ORredhatlibvirtMatch0.9.2
ORredhatlibvirtMatch0.9.3
ORredhatlibvirtMatch0.9.4
ORredhatlibvirtMatch0.9.5
ORredhatlibvirtMatch0.9.6
ORredhatlibvirtMatch0.9.7
ORredhatlibvirtMatch0.9.8
ORredhatlibvirtMatch0.9.9
ORredhatlibvirtMatch0.9.10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | libvirt | * | cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.1 | cpe:2.3:a:redhat:libvirt:0.0.1:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.2 | cpe:2.3:a:redhat:libvirt:0.0.2:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.3 | cpe:2.3:a:redhat:libvirt:0.0.3:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.4 | cpe:2.3:a:redhat:libvirt:0.0.4:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.5 | cpe:2.3:a:redhat:libvirt:0.0.5:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.6 | cpe:2.3:a:redhat:libvirt:0.0.6:*:*:*:*:*:*:* |
| redhat | libvirt | 0.1.0 | cpe:2.3:a:redhat:libvirt:0.1.0:*:*:*:*:*:*:* |
| redhat | libvirt | 0.1.1 | cpe:2.3:a:redhat:libvirt:0.1.1:*:*:*:*:*:*:* |
| redhat | libvirt | 0.1.3 | cpe:2.3:a:redhat:libvirt:0.1.3:*:*:*:*:*:*:* |
Related
openvas
openvas
RedHat Update for libvirt RHSA-2012:0748-05
2012-06-22 00:00:00
Oracle: Security Advisory (ELSA-2013-0127)
2015-10-06 00:00:00
CentOS Update for libvirt CESA-2013:0127 centos5
2013-01-21 00:00:00
oraclelinux
oraclelinux
libvirt security, bug fix, and enhancement update
2012-06-27 00:00:00
libvirt security and bug fix update
2013-01-11 00:00:00
debiancve
debiancve
CVE-2012-2693
2012-06-17 03:41:42
prion
prion
Design/Logic Flaw
2012-06-17 03:41:00
redhat
redhat
(RHSA-2013:0127) Low: libvirt security and bug fix update
2013-01-08 00:00:00
(RHSA-2012:0748) Low: libvirt security, bug fix, and enhancement update
2012-06-20 00:00:00
ubuntucve
ubuntucve
CVE-2012-2693
2012-06-17 00:00:00
nessus
nessus
Scientific Linux Security Update : libvirt on SL6.x i386/x86_64 (20120620)
2012-08-01 00:00:00
CentOS 5 : libvirt (CESA-2013:0127)
2013-01-17 00:00:00
CentOS 6 : libvirt (CESA-2012:0748)
2012-07-11 00:00:00
centos
centos
libvirt security update
2013-01-09 19:22:09
libvirt security update
2012-07-10 17:21:16
veracode
veracode
Unauthorized Access
2019-01-15 08:52:14
cvelist
cvelist
CVE-2012-2693
2012-06-17 01:00:00
cve
cve
CVE-2012-2693
2012-06-17 03:41:42
fedora
fedora
[SECURITY] Fedora 17 Update: libvirt-0.9.11.5-3.fc17
2012-09-04 22:56:31
[SECURITY] Fedora 17 Update: libvirt-0.9.11.6-1.fc17
2012-10-15 23:29:57
[SECURITY] Fedora 17 Update: libvirt-0.9.11.8-2.fc17
2013-01-03 07:24:39
CVSS2
3.7
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2012-2693