CVE-2018-1062

A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disks managed by oVirt, could cause a disk to be incompletely zeroed when removed from a VM. If the same storage blocks happen to be later allocated to a new disk attached to another VM, potentially sensitive data could be revealed to privileged users of that VM.

CVSS v3 5.3 MEDIUM
CVSS v2.0 3.5 LOW

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.6 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

3.5^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:M/Au:S/C:P/I:N/A:N

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/103433	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHBA-2018:0135	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1549944	Issue Tracking Third Party Advisory
https://gerrit.ovirt.org/#/c/84861/	Vendor Advisory
https://gerrit.ovirt.org/#/c/84875/	Vendor Advisory
http://www.securityfocus.com/bid/103433	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHBA-2018:0135	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1549944	Issue Tracking Third Party Advisory
https://gerrit.ovirt.org/#/c/84861/	Vendor Advisory
https://gerrit.ovirt.org/#/c/84875/	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:ovirt-engine:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-03-06 15:29

Updated : 2024-11-21 03:59

NVD link : CVE-2018-1062

Mitre link : CVE-2018-1062

CVE.ORG link : CVE-2018-1062

JSON object : View

Products Affected

redhat

ovirt-engine

CWE

CWE-212

Improper Removal of Sensitive Information Before Storage or Transfer

{"id": "CVE-2018-1062", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.6}]}, "published": "2018-03-06T15:29:00.220", "references": [{"url": "http://www.securityfocus.com/bid/103433", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHBA-2018:0135", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549944", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://gerrit.ovirt.org/#/c/84861/", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://gerrit.ovirt.org/#/c/84875/", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/103433", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHBA-2018:0135", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549944", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://gerrit.ovirt.org/#/c/84861/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://gerrit.ovirt.org/#/c/84875/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-212"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-212"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disks managed by oVirt, could cause a disk to be incompletely zeroed when removed from a VM. If the same storage blocks happen to be later allocated to a new disk attached to another VM, potentially sensitive data could be revealed to privileged users of that VM."}, {"lang": "es", "value": "Se ha descubierto una vulnerabilidad en versiones 4.1.x anteriores a la 4.1.9 de oVirt, donde la combinaci\u00f3n de las marcas Enable Discard y Wipe After Delete para los discos de m\u00e1quinas virtuales gestionados por oVirt podr\u00eda provocar que el disco tome el valor cero al eliminarse de una VM. Si los mismos bloques de almacenamiento se reasignan a un nuevo disco conectado a otra m\u00e1quina virtual, datos potencialmente sensibles podr\u00edan revelarse a usuarios privilegiados de esa m\u00e1quina virtual."}], "lastModified": "2024-11-21T03:59:05.923", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:ovirt-engine:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39DAC583-E6BA-4AFF-945D-B4BC682CE1C6", "versionEndExcluding": "4.1.9", "versionStartIncluding": "4.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}