Risk | Low |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2018-10472 CVE-2018-10471 |
CWE-ID | CWE-200 |
Exploitation vector | Local network |
Public exploit | N/A |
Vulnerable software Subscribe |
Xen Server applications / Virtualization software |
Vendor | Xen Project |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU12287
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-10472
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to obtain potentially sensitive information.
The weakness exists due to improper information control. An adjacent attacker can supply a specially crafted CDROM image to read arbitrary files or device nodes on the dom0 filesystem with the privileges of the quem devicemodel process.
MitigationInstall update from vendor's website.
Vulnerable software versionsXen: 4.6.0 - 4.10.0
External linkshttp://xenbits.xen.org/xsa/advisory-258.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU12288
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-10471
CWE-ID: N/A
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to cause DoS condition on the target system.
The weakness exists due to error handling flaw. An adjacent attacker can cause the service to crash.
MitigationInstall update from vendor's website.
Xen: 4.6.0 - 4.10.0
External linkshttp://xenbits.xen.org/xsa/advisory-259.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.