Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2012-2693 | First vendor Publication | 2012-06-16 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:H/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 3.7 | Attack Range | Local |
| Cvss Impact Score | 6.4 | Attack Complexity | High |
| Cvss Expoit Score | 1.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2693 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:20602 | |||
| Oval ID: | oval:org.mitre.oval:def:20602 | ||
| Title: | RHSA-2012:0748: libvirt security, bug fix, and enhancement update (Low) | ||
| Description: | libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0748-05 CESA-2012:0748 CVE-2012-2693 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | libvirt |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21039 | |||
| Oval ID: | oval:org.mitre.oval:def:21039 | ||
| Title: | RHSA-2013:0127: libvirt security and bug fix update (Low) | ||
| Description: | libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2013:0127-00 CESA-2013:0127 CVE-2012-2693 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | libvirt |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23294 | |||
| Oval ID: | oval:org.mitre.oval:def:23294 | ||
| Title: | ELSA-2013:0127: libvirt security and bug fix update (Low) | ||
| Description: | libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:0127-00 CVE-2012-2693 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | libvirt |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23831 | |||
| Oval ID: | oval:org.mitre.oval:def:23831 | ||
| Title: | ELSA-2012:0748: libvirt security, bug fix, and enhancement update (Low) | ||
| Description: | libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0748-05 CVE-2012-2693 | Version: | 6 |
| Platform(s): | Oracle Linux 6 | Product(s): | libvirt |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27180 | |||
| Oval ID: | oval:org.mitre.oval:def:27180 | ||
| Title: | DEPRECATED: ELSA-2012-0748 -- libvirt security, bug fix, and enhancement update (low) | ||
| Description: | [libvirt-0.9.10-21.0.1.el6] - Replace docs/et.png in tarball with blank image [libvirt-0.9.10-21.el6] - qemu: Rollback on used USB devices (rhbz#743671) - qemu: Dont delete USB device on failed qemuPrepareHostdevUSBDevices (rhbz#743671) - Revert 'rpc: Discard non-blocking calls only when necessary' (rhbz#821468) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0748 CVE-2012-2693 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | libvirt |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27410 | |||
| Oval ID: | oval:org.mitre.oval:def:27410 | ||
| Title: | DEPRECATED: ELSA-2013-0127 -- libvirt security and bug fix update (low) | ||
| Description: | [0.8.2-29.0.1.el5] - Replaced docs/et.png in tarball - remove virshtest from test cases to fix failure in mock build root | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013-0127 CVE-2012-2693 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | libvirt |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-10-16 | Name : Fedora Update for libvirt FEDORA-2012-15634 File : nvt/gb_fedora_2012_15634_libvirt_fc17.nasl |
| 2012-09-07 | Name : Fedora Update for libvirt FEDORA-2012-12523 File : nvt/gb_fedora_2012_12523_libvirt_fc17.nasl |
| 2012-07-30 | Name : CentOS Update for libvirt CESA-2012:0748 centos6 File : nvt/gb_CESA-2012_0748_libvirt_centos6.nasl |
| 2012-06-22 | Name : RedHat Update for libvirt RHSA-2012:0748-05 File : nvt/gb_RHSA-2012_0748-05_libvirt.nasl |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0748.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0127.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0127.nasl - Type : ACT_GATHER_INFO |
| 2013-01-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0127.nasl - Type : ACT_GATHER_INFO |
| 2013-01-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130108_libvirt_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120620_libvirt_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-07-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0748.nasl - Type : ACT_GATHER_INFO |
| 2012-06-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0748.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:01:29 |
|
| 2024-11-28 12:30:05 |
|
| 2024-08-02 12:19:59 |
|
| 2024-08-02 01:05:53 |
|
| 2024-02-02 01:19:24 |
|
| 2024-02-01 12:05:43 |
|
| 2023-09-05 12:18:19 |
|
| 2023-09-05 01:05:36 |
|
| 2023-09-02 12:18:20 |
|
| 2023-09-02 01:05:42 |
|
| 2023-08-12 12:22:06 |
|
| 2023-08-12 01:05:43 |
|
| 2023-08-11 12:18:27 |
|
| 2023-08-11 01:05:52 |
|
| 2023-08-06 12:17:44 |
|
| 2023-08-06 01:05:43 |
|
| 2023-08-04 12:17:48 |
|
| 2023-08-04 01:05:46 |
|
| 2023-07-14 12:17:47 |
|
| 2023-07-14 01:05:40 |
|
| 2023-03-29 01:19:44 |
|
| 2023-03-28 12:05:48 |
|
| 2022-10-11 12:15:53 |
|
| 2022-10-11 01:05:24 |
|
| 2021-05-04 12:20:00 |
|
| 2021-04-22 01:23:43 |
|
| 2020-05-23 01:48:50 |
|
| 2020-05-23 00:33:42 |
|
| 2019-10-04 12:04:49 |
|
| 2019-04-23 12:04:19 |
|
| 2016-04-26 21:51:34 |
|
| 2014-02-17 11:10:39 |
|
| 2013-05-10 22:40:08 |
|
| 2013-01-15 13:21:13 |
|
