CVE-2010-3584

Unspecified vulnerability in the Oracle VM component in Oracle VM 2.2.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent.  NOTE: the previous information was obtained from the October 2010 CPU.  Oracle has not commented on claims from a third party researcher that this is related to the storage of passwords and password hashes in cleartext in files with insecure permissions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:S/C:P/I:P/A:P
oracleCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
VendorProductVersion
oraclevm
2.2.1
𝑥
= Vulnerable software versions
References
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
http://www.securityfocus.com/archive/1/514612/100/0/threaded
http://www.us-cert.gov/cas/techalerts/TA10-287A.html
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
http://www.securityfocus.com/archive/1/514612/100/0/threaded
http://www.us-cert.gov/cas/techalerts/TA10-287A.html