CVE-2012-5516

CWE-200 โ€” Information Exposure5 documents5 sources
Severity
2.1LOW
EPSS
0.1%
top 78.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Enterprise Virtualization Manager
Timeline
PublishedJan 4
Latest updateMay 17

Description

Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and might allow local users to obtain sensitive information via unspecified vectors.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-ph6p-jmmf-qqv2: Red Hat Enterprise Virtualization Manager (RHEV-M) before 3โ†—2022-05-17
โ–ถ
CVEList
CVE-2012-5516: Red Hat Enterprise Virtualization Manager (RHEV-M) before 3โ†—2013-01-04
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Red Hat
rhev-m: MoveDisk ignores the disk's wipe-after-delete propertyโ†—2012-12-04
โ–ถ

๐Ÿ’ฌCommunity

1
Bugzilla
CVE-2012-5516 rhev-m: MoveDisk ignores the disk's wipe-after-delete propertyโ†—2012-11-10
โ–ถ
CVE-2012-5516 (LOW CVSS 2.1) | Red Hat Enterprise Virtualization M | cvebase.io