What is the severity of CVE-2010-2223?

CVE-2010-2223 is classified as a medium severity vulnerability.

How do I fix CVE-2010-2223?

To resolve CVE-2010-2223, update the Red Hat Enterprise Virtualization Hypervisor to a version later than 5.4-2.1 that addresses the issue.

What affected software is associated with CVE-2010-2223?

CVE-2010-2223 affects Red Hat Enterprise Virtualization Hypervisor versions up to and including 5.4-2.1.

What type of vulnerability is CVE-2010-2223?

CVE-2010-2223 is a flaw related to insecure deletion of data back end in the Virtual Desktop Server Manager.

Who can exploit CVE-2010-2223?

CVE-2010-2223 can potentially be exploited by guest users who interact with the affected virtual machines.

Vulnerability/
CVE-2010-2223

low

2.1

CWE

264

16/6/2010

24/6/2010

7/8/2024

CVE-2010-2223

First published: Wed Jun 16 2010(Updated: )

A flaw was found in the way the Virtual Desktop Server Manager (VDSM) handled the removal of a virtual machine's (VM) data back end (such as an image or a volume). When removing an image or a volume, it was not securely deleted from its corresponding data domain as expected. A guest user in a new, raw VM, created in a data domain that has had VMs deleted from it, could use this flaw to read limited data from those deleted VMs, potentially disclosing sensitive information.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Red Hat Enterprise Virtualization Hypervisor	<=5.4-2.1

Remedy

https://rhn.redhat.com/errata/RHSA-2010-0473.html

Remedy

https://rhn.redhat.com/errata/RHSA-2010-0476.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-2223?
CVE-2010-2223 is classified as a medium severity vulnerability.
How do I fix CVE-2010-2223?
To resolve CVE-2010-2223, update the Red Hat Enterprise Virtualization Hypervisor to a version later than 5.4-2.1 that addresses the issue.
What affected software is associated with CVE-2010-2223?
CVE-2010-2223 affects Red Hat Enterprise Virtualization Hypervisor versions up to and including 5.4-2.1.
What type of vulnerability is CVE-2010-2223?
CVE-2010-2223 is a flaw related to insecure deletion of data back end in the Virtual Desktop Server Manager.
Who can exploit CVE-2010-2223?
CVE-2010-2223 can potentially be exploited by guest users who interact with the affected virtual machines.

agent/first-publish-date
agent/type
agent/remedy
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/author
agent/references
agent/weakness
agent/description
agent/event
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2010-2223
agent/trending
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/redhat
canonical/red hat enterprise virtualization hypervisor
version/red hat enterprise virtualization hypervisor/5.4-2.1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.