CVE-2011-4600

Advisory lineage Upstream: 0 Downstream: 5

Downstream

DEBIAN-CVE-2011-4600 OPENSUSE-SU-2024:10209-1 RHBA-2012:0013 UBUNTU-CVE-2011-4600 USN-2867-1

Modified

Published: 14 Apr 2016, 15:00

Last modified:07 Aug 2024, 00:09

Vulnerability Summary

Overall Risk (default)

low

24/100

CVSS Score

5.9 MEDIUM

v3.0 (nvd)

EPSS Score

0.35% LOW

0% probability +0.05%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

14 Apr 2016, 15:00

Published

Vulnerability first disclosed

07 Aug 2024, 00:09

Last Modified

Vulnerability information updated

Description

The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a (1) DNS or (2) DHCP query.

CVSS Metrics

v3.0•MEDIUM•Score: 5.9CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
v2.0•MEDIUM•Score: 4.3AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS Trends

Current EPSS score: 0.35%• Percentile: 58%

Techniques & Countermeasures

CWE-284•Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Affected Systems

canonical•ubuntu_linux
12.04 | 14.04 | 15.04 | 15.10
redhat•libvirt
0.9.8