Vulnerability in Redhat Enterprise_virtualization

CVE-2014-3559

The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain c…

EPSS: 0.003 (51.0th percentile) — read the EPSS interpretation.

Affected products

Redhat Enterprise_virtualization — versions 3.4
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

1030664 (vdb-entry, x_refsource_SECTRACK)
virtualizationmanager-cve20143559-info-disc(95098) (vdb-entry, x_refsource_XF)
RHSA-2014:1002 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
secalert@redhat.com (x_refsource_CONFIRM)