cbcvebase.
CVE-2008-5086
published 2008-12-19

CVE-2008-5086: Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and…

high7.2CVSS 3.1
AVLACLAuNCCICAC
Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions.

Affected

18 ranges
VendorProductVersion rangeFixed in
debianlibvirt< libvirt 0.8.8-3 (bookworm)libvirt 0.8.8-3 (bookworm)
debianlibvirt< libvirt 0.4.6-10 (bookworm)libvirt 0.4.6-10 (bookworm)
libvirtlibvirt
libvirtlibvirt
libvirtlibvirt
libvirtlibvirt
libvirtlibvirt
libvirtlibvirt
libvirtlibvirt
redhatlibvirt
redhatlibvirt>= 0 < 0.4.6-100.4.6-10
redhatlibvirt>= 0 < 0.8.8-30.8.8-3
redhatlibvirt>= 0 < 0.4.6-100.4.6-10
redhatlibvirt>= 0 < 0.8.8-30.8.8-3
redhatlibvirt>= 0 < 0.4.6-100.4.6-10
redhatlibvirt>= 0 < 0.8.8-30.8.8-3
redhatlibvirt>= 0 < 0.4.6-100.4.6-10
redhatlibvirt>= 0 < 0.8.8-30.8.8-3

CVSS provenance

nvd7.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.2HIGH