CVE-2013-2007

{"id": "CVE-2013-2007", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-05-21T18:55:02.623", "references": [{"url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c689b4f1bac352dcfd6ecb9a1d45337de0f1de67", "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00057.html", "source": "secalert@redhat.com"}, {"url": "http://osvdb.org/93032", "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0791.html", "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0896.html", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/53325", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2013/05/06/5", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/59675", "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id/1028521", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=956082", "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84047", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files."}, {"lang": "es", "value": "El agente qemu en en Qemu 1.4.1 y anteriores, usado por Xen, cuando se inicia en modo demonio, utiliza permisos d\u00e9biles para determinados archivos, lo que permite a usuarios locales leer y escribir sobre estos archivos."}], "lastModified": "2023-02-13T04:42:39.310", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:qemu:qemu:1.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59B3B915-1606-48E4-9EFC-BD9D6A6D404A"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}