Oval Definition:oval:org.opensuse.security:def:202014301
Revision Date:2022-09-02Version:1
Title:CVE-2020-14301
Description:

An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the `dumpxml` command.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2020-14301
SUSE CVE-2020-14301
Platform(s):SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Software Development Kit 12 SP4
SUSE Linux Enterprise Software Development Kit 12 SP5
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND libvirt is not affected
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND libvirt is not affected
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND libvirt is not affected
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP1 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP1 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • OR SUSE Linux Enterprise Server 15 SP1 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • OR SUSE Linux Enterprise Storage 6 is installed
  • OR SUSE Manager Proxy 4.0 is installed
  • OR SUSE Manager Retail Branch Server 4.0 is installed
  • OR SUSE Manager Server 4.0 is installed
  • AND libvirt is not affected
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND libvirt is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • libvirt is not affected
  • OR libvirt-admin is not affected
  • OR libvirt-client is not affected
  • OR libvirt-daemon is not affected
  • OR libvirt-daemon-config-network is not affected
  • OR libvirt-daemon-config-nwfilter is not affected
  • OR libvirt-daemon-driver-interface is not affected
  • OR libvirt-daemon-driver-libxl is not affected
  • OR libvirt-daemon-driver-lxc is not affected
  • OR libvirt-daemon-driver-network is not affected
  • OR libvirt-daemon-driver-nodedev is not affected
  • OR libvirt-daemon-driver-nwfilter is not affected
  • OR libvirt-daemon-driver-qemu is not affected
  • OR libvirt-daemon-driver-secret is not affected
  • OR libvirt-daemon-driver-storage is not affected
  • OR libvirt-daemon-driver-storage-core is not affected
  • OR libvirt-daemon-driver-storage-disk is not affected
  • OR libvirt-daemon-driver-storage-iscsi is not affected
  • OR libvirt-daemon-driver-storage-logical is not affected
  • OR libvirt-daemon-driver-storage-mpath is not affected
  • OR libvirt-daemon-driver-storage-rbd is not affected
  • OR libvirt-daemon-driver-storage-scsi is not affected
  • OR libvirt-daemon-hooks is not affected
  • OR libvirt-daemon-lxc is not affected
  • OR libvirt-daemon-qemu is not affected
  • OR libvirt-daemon-xen is not affected
  • OR libvirt-doc is not affected
  • OR libvirt-libs is not affected
  • OR libvirt-lock-sanlock is not affected
  • OR libvirt-nss is not affected
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND libvirt is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed
  • AND libvirt-devel is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • libvirt is not affected
  • OR libvirt-admin is not affected
  • OR libvirt-client is not affected
  • OR libvirt-daemon is not affected
  • OR libvirt-daemon-config-network is not affected
  • OR libvirt-daemon-config-nwfilter is not affected
  • OR libvirt-daemon-driver-interface is not affected
  • OR libvirt-daemon-driver-libxl is not affected
  • OR libvirt-daemon-driver-lxc is not affected
  • OR libvirt-daemon-driver-network is not affected
  • OR libvirt-daemon-driver-nodedev is not affected
  • OR libvirt-daemon-driver-nwfilter is not affected
  • OR libvirt-daemon-driver-qemu is not affected
  • OR libvirt-daemon-driver-secret is not affected
  • OR libvirt-daemon-driver-storage is not affected
  • OR libvirt-daemon-driver-storage-core is not affected
  • OR libvirt-daemon-driver-storage-disk is not affected
  • OR libvirt-daemon-driver-storage-iscsi is not affected
  • OR libvirt-daemon-driver-storage-logical is not affected
  • OR libvirt-daemon-driver-storage-mpath is not affected
  • OR libvirt-daemon-driver-storage-rbd is not affected
  • OR libvirt-daemon-driver-storage-scsi is not affected
  • OR libvirt-daemon-hooks is not affected
  • OR libvirt-daemon-lxc is not affected
  • OR libvirt-daemon-qemu is not affected
  • OR libvirt-daemon-xen is not affected
  • OR libvirt-doc is not affected
  • OR libvirt-libs is not affected
  • OR libvirt-lock-sanlock is not affected
  • OR libvirt-nss is not affected
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND libvirt is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • libvirt is not affected
  • OR libvirt-admin is not affected
  • OR libvirt-client is not affected
  • OR libvirt-daemon is not affected
  • OR libvirt-daemon-config-network is not affected
  • OR libvirt-daemon-config-nwfilter is not affected
  • OR libvirt-daemon-driver-interface is not affected
  • OR libvirt-daemon-driver-libxl is not affected
  • OR libvirt-daemon-driver-lxc is not affected
  • OR libvirt-daemon-driver-network is not affected
  • OR libvirt-daemon-driver-nodedev is not affected
  • OR libvirt-daemon-driver-nwfilter is not affected
  • OR libvirt-daemon-driver-qemu is not affected
  • OR libvirt-daemon-driver-secret is not affected
  • OR libvirt-daemon-driver-storage is not affected
  • OR libvirt-daemon-driver-storage-core is not affected
  • OR libvirt-daemon-driver-storage-disk is not affected
  • OR libvirt-daemon-driver-storage-iscsi is not affected
  • OR libvirt-daemon-driver-storage-logical is not affected
  • OR libvirt-daemon-driver-storage-mpath is not affected
  • OR libvirt-daemon-driver-storage-rbd is not affected
  • OR libvirt-daemon-driver-storage-scsi is not affected
  • OR libvirt-daemon-hooks is not affected
  • OR libvirt-daemon-lxc is not affected
  • OR libvirt-daemon-qemu is not affected
  • OR libvirt-daemon-xen is not affected
  • OR libvirt-doc is not affected
  • OR libvirt-libs is not affected
  • OR libvirt-lock-sanlock is not affected
  • OR libvirt-nss is not affected
  • BACK