Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and obtain sensitive information via an uninitialized storage volume.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat Enterprise Virtualization Manager 权限许可和访问控制问题漏洞
Vulnerability Description
Red Hat是美国红帽(Red Hat)公司的一个操作系统。提供了一个开源的操作系统。 Red Hat Enterprise Virtualization Manager 3.4版本存在权限许可和访问控制问题漏洞,该漏洞源于程序删除VM时,没有清除内存快照。远程攻击者可通过未初始化的存储卷利用该漏洞读取已删除VM内存的部分信息,获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A