Vulnerabilites related to xen - qemu
CVE-2007-0998 (GCVE-0-2007-0998)
Vulnerability from cvelistv5
Published
2007-03-20 10:00
Modified
2024-08-07 12:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:21.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "fedora-xen-qemuvnc-information-disclosure(33085)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"
},
{
"name": "51413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51413"
},
{
"name": "22967",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22967"
},
{
"name": "ADV-2007-1021",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1021"
},
{
"name": "ADV-2007-1019",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1019"
},
{
"name": "RHSA-2007:0114",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"
},
{
"name": "34304",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/34304"
},
{
"name": "ADV-2007-1020",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1020"
},
{
"name": "oval:org.mitre.oval:def:10486",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"
},
{
"name": "openSUSE-SU-2012:1572",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "FEDORA-2007-344",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2802"
},
{
"name": "SUSE-SU-2014:0446",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"name": "FEDORA-2007-343",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2803"
},
{
"name": "24575",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24575"
},
{
"name": "1017764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017764"
},
{
"name": "openSUSE-SU-2012:1573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "fedora-xen-qemuvnc-information-disclosure(33085)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"
},
{
"name": "51413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51413"
},
{
"name": "22967",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22967"
},
{
"name": "ADV-2007-1021",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1021"
},
{
"name": "ADV-2007-1019",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1019"
},
{
"name": "RHSA-2007:0114",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"
},
{
"name": "34304",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/34304"
},
{
"name": "ADV-2007-1020",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1020"
},
{
"name": "oval:org.mitre.oval:def:10486",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"
},
{
"name": "openSUSE-SU-2012:1572",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "FEDORA-2007-344",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2802"
},
{
"name": "SUSE-SU-2014:0446",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"name": "FEDORA-2007-343",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2803"
},
{
"name": "24575",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24575"
},
{
"name": "1017764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017764"
},
{
"name": "openSUSE-SU-2012:1573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-0998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "fedora-xen-qemuvnc-information-disclosure(33085)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"
},
{
"name": "51413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51413"
},
{
"name": "22967",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22967"
},
{
"name": "ADV-2007-1021",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1021"
},
{
"name": "ADV-2007-1019",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1019"
},
{
"name": "RHSA-2007:0114",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"
},
{
"name": "34304",
"refsource": "OSVDB",
"url": "http://osvdb.org/34304"
},
{
"name": "ADV-2007-1020",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1020"
},
{
"name": "oval:org.mitre.oval:def:10486",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"
},
{
"name": "openSUSE-SU-2012:1572",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "FEDORA-2007-344",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2802"
},
{
"name": "SUSE-SU-2014:0446",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"name": "FEDORA-2007-343",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2803"
},
{
"name": "24575",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24575"
},
{
"name": "1017764",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017764"
},
{
"name": "openSUSE-SU-2012:1573",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-0998",
"datePublished": "2007-03-20T10:00:00",
"dateReserved": "2007-02-16T00:00:00",
"dateUpdated": "2024-08-07T12:43:21.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-03-20 10:19
Modified
2025-04-09 00:30
Severity ?
Summary
The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://fedoranews.org/cms/node/2802 | ||
| secalert@redhat.com | http://fedoranews.org/cms/node/2803 | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html | ||
| secalert@redhat.com | http://osvdb.org/34304 | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2007-0114.html | Patch | |
| secalert@redhat.com | http://secunia.com/advisories/24575 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/51413 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/22967 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1017764 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2007/1019 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2007/1020 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2007/1021 | Vendor Advisory | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/33085 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://fedoranews.org/cms/node/2802 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://fedoranews.org/cms/node/2803 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/34304 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2007-0114.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24575 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51413 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/22967 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1017764 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/1019 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/1020 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/1021 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/33085 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | 5.0 | |
| redhat | enterprise_linux | 5.0 | |
| redhat | enterprise_linux | 5.0 | |
| redhat | enterprise_linux | 5.0 | |
| redhat | fedora_core | core_5.0 | |
| redhat | fedora_core | core6 | |
| xen | qemu | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "FE524195-06F1-4504-9223-07596588CC70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop_multiple_os:*:*:*:*:*",
"matchCriteriaId": "AB55CA0F-06FB-4CED-BB2F-AB99C32062CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*",
"matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:virtualization:*:*:*:*:*",
"matchCriteriaId": "37E17F28-76A9-4F73-8F58-35390BDCE6EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3B94B6-A5E4-4432-802E-BFAD7F3B5B4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core6:*:*:*:*:*:*:*",
"matchCriteriaId": "E007512B-2A01-4915-82D1-EDDEE8ED3190",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xen:qemu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC03235-6F95-414A-8C93-5215E801676E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "La implementaci\u00f3n del servidor VNC en QEMU, como es usada por Xen y posiblemente otros entornos, permite a usuarios locales de un sistema operativo invitado leer archivos arbitrarios en el sistema operativo host por medio de vectores no especificados relacionados con el modo de monitoreo de QEMU, como es demostrado al mapear archivos hacia un dispositivo CDROM. NOTA: algunos de estos detalles son obtenidos a partir de informaci\u00f3n de terceros."
}
],
"id": "CVE-2007-0998",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-20T10:19:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://fedoranews.org/cms/node/2802"
},
{
"source": "secalert@redhat.com",
"url": "http://fedoranews.org/cms/node/2803"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/34304"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24575"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/51413"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/22967"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1017764"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1019"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1020"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1021"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/cms/node/2802"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/cms/node/2803"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/34304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/51413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22967"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}