Redhat : Security Vulnerabilities, CVEs, Published In January 2015 (Information Leak)
libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.
Max CVSS
3.5
EPSS Score
0.20%
Published
2015-01-29
Updated
2023-02-12
1 vulnerabilities found