NVD

Id
38304  
Name
CVE-2013-2211  
Description
The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors.  
Reject
 
CVSS Version
2  
CVSS Score
7.4  
Severity
High  
CVSS Base Score
7.4  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
4.4  
CVSS Vector
(AV:A/AC:M/Au:S/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2013-08-28  
Modified Date
2014-12-11  
Seq
2013-2211  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
195888 38304 CVE-2013-2211 SUSE-SU-2014:0446  View
195889 38304 CVE-2013-2211 GLSA-201309-24  View
195890 38304 CVE-2013-2211 DSA-3006  View
195891 38304 CVE-2013-2211 [oss-security] 20130625 Re: Xen Security Advisory 57 - libxl allows guest write access to sensitive console related xenstore keys  View
195892 38304 CVE-2013-2211 [oss-security] 20130626 Xen Security Advisory 57 (CVE-2013-2211) - libxl allows guest write access to sensitive console related xenstore keys  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
22346 JVNDB-2013-003921 Xen の libxenlight toolstack ライブラリにおける xenstore の値を変更される脆弱性 Xen の libxenlight (libxl) toolstack ライブラリは、準仮想化 (paravirtualised) およびエミュレートされたシリアルコンソールデバイスの xenstore の鍵に脆弱なパーミッションを使用するため、xenstore の値を変更される脆弱性が存在します。 CVE-2013-2211 62153 CVE-2013-2211 38304 7.4 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-003921.html 2013-06-26 2013-11-08 View