Lucene search

K

MitreCVELIST:CVE-2022-44020

HistoryOct 29, 2022 - 12:00 a.m.

CVE-2022-44020

2022-10-2900:00:00

mitre

www.cve.org

3

openstack

virtualbmc

password protection

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

17.8%

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an “unsupported, production-like configuration.”

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GAD7QJIUWPCKJIGYP7PPHH5DILOEONFE/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEQVJF3OQGSDCSQTQQSC54JEGLMSNB4Q/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMSUGS4B6EBRHBJMTRXL5RIKJTZTEMJC/

review.opendev.org/c/openstack/sushy-tools/+/862625

review.opendev.org/c/openstack/virtualbmc/+/862620

storyboard.openstack.org/#%21/story/2010382

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

17.8%

Related for CVELIST:CVE-2022-44020

fedora3 openvas3 osv2 nvd1 prion1 nessus2 cve1 redhatcve1 github1 veracode1 redhat1