qcow format could expose host filesystem information

CVE-2011-3147

2.8LOW

Key Information

Vendor: Openstack
Status: Nova
Vendor: CVE Published:; 22 April 2019

Summary

Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.

CVSS V3.1

Score:

2.8

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Risk change from: 8.6 to: 2.8 - (LOW)
Sep 16, 2024
Vulnerability published.
Apr 22, 2019
Vulnerability Reserved.
Aug 16, 2011

Collectors

NVD DatabaseMitre Database

Credit

Scott Moser

.