CVE-2013-4236

Advisory lineage Upstream: 0 Downstream: 2

Downstream

RHSA-2013:1155 RHSA-2013:1181

Modified

Published: 19 Aug 2013, 23:00

Last modified:06 Aug 2024, 16:38

Vulnerability Summary

Overall Risk (default)

low

11/100

CVSS Score

2.7 LOW

v2.0 (nvd)

EPSS Score

0.1% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

19 Aug 2013, 23:00

Published

Vulnerability first disclosed

06 Aug 2024, 16:38

Last Modified

Vulnerability information updated

Description

VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167.

CVSS Metrics

v2.0•LOW•Score: 2.7AV:A/AC:L/Au:S/C:N/I:N/A:P

EPSS Trends

Current EPSS score: 0.10%• Percentile: 27%

Affected Systems

redhat•enterprise_virtualization
3.0 | 3.2

References (3)

http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6
http://rhn.redhat.com/errata/RHSA-2013-1155.html
https://bugzilla.redhat.com/show_bug.cgi?id=996166