Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2010-2223

Published: Jun 24, 2010 | Modified: Jun 25, 2010
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
2.1 MODERATE
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2010-2223
CWEhttps://cwe.mitre.org/data/definitions/264.html

Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 does not properly perform VM post-zeroing after the removal of a virtual machines data, which allows guest OS users to obtain sensitive information by examining the disk blocks associated with a deleted virtual machine.

Affected Software

Name Vendor Start Version End Version
Enterprise_virtualization_hypervisor Redhat * 5.4-2.1 (including)
Red Hat Enterprise Virtualization for RHEL-5 RedHat vdsm22-0:4.5-62.el5rhev *
Red Hat Enterprise Virtualization for RHEL-5 RedHat rhev-hypervisor-0:5.5-2.2.4.2.el5rhev *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use