CVE-2018-1062 - OpenCVE

A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disks managed by oVirt, could cause a disk to be incompletely zeroed when removed from a VM. If the same storage blocks happen to be later allocated to a new disk attached to another VM, potentially sensitive data could be revealed to privileged users of that VM.

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Ovirt-engine

Configuration 1 [-]

cpe:2.3:a:redhat:ovirt-engine:*:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/bid/103433	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHBA-2018:0135	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1549944	Issue Tracking Third Party Advisory
https://gerrit.ovirt.org/#/c/84861/	Vendor Advisory
https://gerrit.ovirt.org/#/c/84875/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2018-03-06T00:00:00

Updated: 2018-03-20T09:57:01

Reserved: 2017-12-04T00:00:00

Link: CVE-2018-1062

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-03-06T15:29:00.220

Modified: 2020-02-18T19:07:48.563

Link: CVE-2018-1062

JSON object: View

Redhat Information

No data.

CWE

CWE-212

{"containers": {"cna": {"affected": [{"product": "oVirt", "vendor": "oVirt", "versions": [{"status": "affected", "version": "4.1.x before 4.1.9"}]}], "datePublic": "2018-03-06T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disks managed by oVirt, could cause a disk to be incompletely zeroed when removed from a VM. If the same storage blocks happen to be later allocated to a new disk attached to another VM, potentially sensitive data could be revealed to privileged users of that VM."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-212", "description": "CWE-212", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-03-20T09:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549944"}, {"name": "RHBA-2018:0135", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHBA-2018:0135"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://gerrit.ovirt.org/#/c/84875/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://gerrit.ovirt.org/#/c/84861/"}, {"name": "103433", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/103433"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "DATE_PUBLIC": "2018-03-06T00:00:00", "ID": "CVE-2018-1062", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "oVirt", "version": {"version_data": [{"version_value": "4.1.x before 4.1.9"}]}}]}, "vendor_name": "oVirt"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disks managed by oVirt, could cause a disk to be incompletely zeroed when removed from a VM. If the same storage blocks happen to be later allocated to a new disk attached to another VM, potentially sensitive data could be revealed to privileged users of that VM."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-212"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1549944", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549944"}, {"name": "RHBA-2018:0135", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2018:0135"}, {"name": "https://gerrit.ovirt.org/#/c/84875/", "refsource": "CONFIRM", "url": "https://gerrit.ovirt.org/#/c/84875/"}, {"name": "https://gerrit.ovirt.org/#/c/84861/", "refsource": "CONFIRM", "url": "https://gerrit.ovirt.org/#/c/84861/"}, {"name": "103433", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103433"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2018-1062", "datePublished": "2018-03-06T00:00:00", "dateReserved": "2017-12-04T00:00:00", "dateUpdated": "2018-03-20T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:ovirt-engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "39DAC583-E6BA-4AFF-945D-B4BC682CE1C6", "versionEndExcluding": "4.1.9", "versionStartIncluding": "4.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disks managed by oVirt, could cause a disk to be incompletely zeroed when removed from a VM. If the same storage blocks happen to be later allocated to a new disk attached to another VM, potentially sensitive data could be revealed to privileged users of that VM."}, {"lang": "es", "value": "Se ha descubierto una vulnerabilidad en versiones 4.1.x anteriores a la 4.1.9 de oVirt, donde la combinaci\u00f3n de las marcas Enable Discard y Wipe After Delete para los discos de m\u00e1quinas virtuales gestionados por oVirt podr\u00eda provocar que el disco tome el valor cero al eliminarse de una VM. Si los mismos bloques de almacenamiento se reasignan a un nuevo disco conectado a otra m\u00e1quina virtual, datos potencialmente sensibles podr\u00edan revelarse a usuarios privilegiados de esa m\u00e1quina virtual."}], "id": "CVE-2018-1062", "lastModified": "2020-02-18T19:07:48.563", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-03-06T15:29:00.220", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/103433"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHBA-2018:0135"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549944"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://gerrit.ovirt.org/#/c/84861/"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://gerrit.ovirt.org/#/c/84875/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-212"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-212"}], "source": "secalert@redhat.com", "type": "Secondary"}]}