CVE-2020-14301 in Red Hat and NetApp Products
Published on May 27, 2021

An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the `dumpxml` command.

NVD

Weakness Type

Improper Removal of Sensitive Information Before Storage or Transfer

The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors.

Products Associated with CVE-2020-14301

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-14301 are published in these products:

Red Hat Libvirt

Red Hat Enterprise Linux (RHEL)

Red Hat Enterprise Linux Tus

Red Hat Enterprise Linux Eus

Red Hat Enterprise Linux Server Aus

Red Hat Enterprise Linux Server Update Services Sap Solutions

Red Hat Enterprise Linux Power Little Endian

Red Hat Enterprise Linux Ibm Z Systems Eus

Red Hat Enterprise Linux Ibm Z Systems

Red Hat Enterprise Linux Power Little Endian Eus

Red Hat Enterprise Linux Server Power Little Endian Update Services Sap Solutions

NetApp Ontap Select Deploy Administration Utility

Exploit Probability

EPSS

0.49%

Percentile

65.12%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-14301 in Red Hat and NetApp ProductsPublished on May 27, 2021

Weakness Type

Improper Removal of Sensitive Information Before Storage or Transfer

Products Associated with CVE-2020-14301

Exploit Probability

CVE-2020-14301 in Red Hat and NetApp Products
Published on May 27, 2021