Revision Date: | 2022-09-02 | Version: | 1 |
Title: | CVE-2020-14301 |
Description: |
An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the `dumpxml` command.
|
Family: | unix | Class: | vulnerability |
Status: | | Reference(s): | Mitre CVE-2020-14301 SUSE CVE-2020-14301
|
Platform(s): | SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Storage 6 SUSE Manager Proxy 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Server 4.0
| Product(s): | |
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed AND libvirt is not affected
|
Definition Synopsis |
Release Information
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
OR SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
AND libvirt is not affected
|
Definition Synopsis |
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
AND libvirt is not affected
|
Definition Synopsis |
Release Information
SUSE Linux Enterprise Desktop 15 SP1 is installed
OR SUSE Linux Enterprise High Performance Computing 15 SP1 is installed
OR SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
OR SUSE Linux Enterprise Server 15 SP1 is installed
OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
OR SUSE Linux Enterprise Storage 6 is installed
OR SUSE Manager Proxy 4.0 is installed
OR SUSE Manager Retail Branch Server 4.0 is installed
OR SUSE Manager Server 4.0 is installed
AND libvirt is not affected
|
Definition Synopsis |
Release Information
SUSE Linux Enterprise Server 12 SP4 is installed
OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
AND libvirt is not affected
OR Package Information
SUSE Linux Enterprise Server 12 SP5 is installed
OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
AND
libvirt is not affected
OR libvirt-admin is not affected
OR libvirt-client is not affected
OR libvirt-daemon is not affected
OR libvirt-daemon-config-network is not affected
OR libvirt-daemon-config-nwfilter is not affected
OR libvirt-daemon-driver-interface is not affected
OR libvirt-daemon-driver-libxl is not affected
OR libvirt-daemon-driver-lxc is not affected
OR libvirt-daemon-driver-network is not affected
OR libvirt-daemon-driver-nodedev is not affected
OR libvirt-daemon-driver-nwfilter is not affected
OR libvirt-daemon-driver-qemu is not affected
OR libvirt-daemon-driver-secret is not affected
OR libvirt-daemon-driver-storage is not affected
OR libvirt-daemon-driver-storage-core is not affected
OR libvirt-daemon-driver-storage-disk is not affected
OR libvirt-daemon-driver-storage-iscsi is not affected
OR libvirt-daemon-driver-storage-logical is not affected
OR libvirt-daemon-driver-storage-mpath is not affected
OR libvirt-daemon-driver-storage-rbd is not affected
OR libvirt-daemon-driver-storage-scsi is not affected
OR libvirt-daemon-hooks is not affected
OR libvirt-daemon-lxc is not affected
OR libvirt-daemon-qemu is not affected
OR libvirt-daemon-xen is not affected
OR libvirt-doc is not affected
OR libvirt-libs is not affected
OR libvirt-lock-sanlock is not affected
OR libvirt-nss is not affected
|
Definition Synopsis |
Release Information
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
AND libvirt is not affected
OR Package Information
SUSE Linux Enterprise Server 12 SP5 is installed
OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed
AND libvirt-devel is not affected
OR Package Information
SUSE Linux Enterprise Server 12 SP5 is installed
AND
libvirt is not affected
OR libvirt-admin is not affected
OR libvirt-client is not affected
OR libvirt-daemon is not affected
OR libvirt-daemon-config-network is not affected
OR libvirt-daemon-config-nwfilter is not affected
OR libvirt-daemon-driver-interface is not affected
OR libvirt-daemon-driver-libxl is not affected
OR libvirt-daemon-driver-lxc is not affected
OR libvirt-daemon-driver-network is not affected
OR libvirt-daemon-driver-nodedev is not affected
OR libvirt-daemon-driver-nwfilter is not affected
OR libvirt-daemon-driver-qemu is not affected
OR libvirt-daemon-driver-secret is not affected
OR libvirt-daemon-driver-storage is not affected
OR libvirt-daemon-driver-storage-core is not affected
OR libvirt-daemon-driver-storage-disk is not affected
OR libvirt-daemon-driver-storage-iscsi is not affected
OR libvirt-daemon-driver-storage-logical is not affected
OR libvirt-daemon-driver-storage-mpath is not affected
OR libvirt-daemon-driver-storage-rbd is not affected
OR libvirt-daemon-driver-storage-scsi is not affected
OR libvirt-daemon-hooks is not affected
OR libvirt-daemon-lxc is not affected
OR libvirt-daemon-qemu is not affected
OR libvirt-daemon-xen is not affected
OR libvirt-doc is not affected
OR libvirt-libs is not affected
OR libvirt-lock-sanlock is not affected
OR libvirt-nss is not affected
|
Definition Synopsis |
Release Information
SUSE Linux Enterprise Desktop 12 SP4 is installed
OR SUSE Linux Enterprise Server 12 SP4 is installed
OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
AND libvirt is not affected
OR Package Information
SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
AND
libvirt is not affected
OR libvirt-admin is not affected
OR libvirt-client is not affected
OR libvirt-daemon is not affected
OR libvirt-daemon-config-network is not affected
OR libvirt-daemon-config-nwfilter is not affected
OR libvirt-daemon-driver-interface is not affected
OR libvirt-daemon-driver-libxl is not affected
OR libvirt-daemon-driver-lxc is not affected
OR libvirt-daemon-driver-network is not affected
OR libvirt-daemon-driver-nodedev is not affected
OR libvirt-daemon-driver-nwfilter is not affected
OR libvirt-daemon-driver-qemu is not affected
OR libvirt-daemon-driver-secret is not affected
OR libvirt-daemon-driver-storage is not affected
OR libvirt-daemon-driver-storage-core is not affected
OR libvirt-daemon-driver-storage-disk is not affected
OR libvirt-daemon-driver-storage-iscsi is not affected
OR libvirt-daemon-driver-storage-logical is not affected
OR libvirt-daemon-driver-storage-mpath is not affected
OR libvirt-daemon-driver-storage-rbd is not affected
OR libvirt-daemon-driver-storage-scsi is not affected
OR libvirt-daemon-hooks is not affected
OR libvirt-daemon-lxc is not affected
OR libvirt-daemon-qemu is not affected
OR libvirt-daemon-xen is not affected
OR libvirt-doc is not affected
OR libvirt-libs is not affected
OR libvirt-lock-sanlock is not affected
OR libvirt-nss is not affected
|