CVE-2014-3559

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-3559
The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and obtain sensitive information via an uninitialized storage volume.

3.5 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:M/Au:S/C:P/I:N/A:N

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://rhn.redhat.com/errata/RHSA-2014-1002.html Vendor Advisory
http://www.securitytracker.com/id/1030664
https://bugzilla.redhat.com/show_bug.cgi?id=1121925
https://exchange.xforce.ibmcloud.com/vulnerabilities/95098
Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:enterprise_virtualization:3.4:*:*:*:*:*:*:*
History

13 Feb 2023, 00:40

Type Values Removed Values Added
References
  • {'url': 'https://access.redhat.com/security/cve/CVE-2014-3559', 'name': 'https://access.redhat.com/security/cve/CVE-2014-3559', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2014:1002', 'name': 'https://access.redhat.com/errata/RHSA-2014:1002', 'tags': [], 'refsource': 'MISC'}
Summary It was found that the oVirt storage back end did not wipe memory snapshots when VMs were deleted, even if wipe-after-delete (WAD) was enabled for the VM's disks. A remote attacker with credentials to create a new VM could use this flaw to potentially access the contents of memory snapshots in an uninitialized storage volume, possibly leading to the disclosure of sensitive information. The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and obtain sensitive information via an uninitialized storage volume.

02 Feb 2023, 16:15

Type Values Removed Values Added
Summary The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and obtain sensitive information via an uninitialized storage volume. It was found that the oVirt storage back end did not wipe memory snapshots when VMs were deleted, even if wipe-after-delete (WAD) was enabled for the VM's disks. A remote attacker with credentials to create a new VM could use this flaw to potentially access the contents of memory snapshots in an uninitialized storage volume, possibly leading to the disclosure of sensitive information.
References
  • (MISC) https://access.redhat.com/security/cve/CVE-2014-3559 -
  • (MISC) https://access.redhat.com/errata/RHSA-2014:1002 -
Information

Published : 2014-08-06 19:55

Updated : 2023-12-10 11:31

NVD link : CVE-2014-3559

Mitre link : CVE-2014-3559

CVE.ORG link : CVE-2014-3559

JSON object : View

Products Affected

redhat

  • enterprise_virtualization
CWE
CWE-264

Permissions, Privileges, and Access Controls