{
  "threat_severity" : "Low",
  "public_date" : "2014-11-05T00:00:00Z",
  "bugzilla" : {
    "description" : "libvirt: dumpxml: information leak with migratable flag",
    "id" : "1160817",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1160817"
  },
  "cvss" : {
    "cvss_base_score" : "3.3",
    "cvss_scoring_vector" : "AV:A/AC:L/Au:N/C:P/I:N/A:N",
    "status" : "verified"
  },
  "details" : [ "The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.", "It was found that when the VIR_DOMAIN_XML_MIGRATABLE flag was used, the QEMU driver implementation of the virDomainGetXMLDesc() function could bypass the restrictions of the VIR_DOMAIN_XML_SECURE flag. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to leak certain limited information from the domain XML data." ],
  "statement" : "This issue does not affect the versions of libvirt packages as shipped with\nRed Hat Enterprise Linux 5.\nThis issue does affect the versions of libvirt packages as shipped with Red Hat\nEnterprise Linux 6 and 7. Future updates may address this issue in the\nrespective Red Hat Enterprise Linux releases.",
  "acknowledgement" : "This issue was discovered by Eric Blake (Red Hat).",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2014-11-18T00:00:00Z",
    "advisory" : "RHSA-2014:1873",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "libvirt-0:0.10.2-46.el6_6.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-01-05T00:00:00Z",
    "advisory" : "RHSA-2015:0008",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "libvirt-0:1.1.1-29.el7_0.4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "libvirt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Storage 2.1",
    "fix_state" : "Under investigation",
    "package_name" : "libvirt",
    "cpe" : "cpe:/a:redhat:storage:2.1"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2014-7823\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-7823" ],
  "name" : "CVE-2014-7823",
  "csaw" : false
}