The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and obtain sensitive information via an uninitialized storage volume.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2014-08-06T19:00:00
Updated: 2017-08-28T12:57:01
Reserved: 2014-05-14T00:00:00
Link: CVE-2014-3559
JSON object: View
NVD Information
Status : Modified
Published: 2014-08-06T19:55:03.727
Modified: 2023-02-13T00:40:36.483
Link: CVE-2014-3559
JSON object: View
Redhat Information
No data.
CWE