10 matches found
Oracle Linux 8 : virt-manager (ELSA-2019-3464)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3464 advisory. 2.2.1-2.0.1 - Add OL release support to virt-install for OL KVM guest creation Orabug: 26135782 2.2.1-2 - man: virt-install: Fix a couple of launchSecurity...
SUSE CVE-2019-10183
Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...
RHEL 8 : virt-manager (RHSA-2019:3464)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3464 advisory. Virtual Machine Manager virt-manager is a graphical tool for administering virtual machines for KVM, Xen, and Linux Containers LXC. The virt-manager...
virt-install: unattended option leaks password via command line argument
The virt-install utility used to provision new virtual machines, in virt-manager v2.2.0, has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments. An attacker could obtain these passwords though process listing...
CVE-2019-10183
Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...
CVE-2019-10183
Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...
CVE-2019-10183
Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...
CVE-2019-10183
The CVE-2019-10183 issue concerns virt-manager/virt-install where the --unattended option accepts the guest VM password on the command line, enabling leakage via process listings on the local host. Affected component: virt-install/virt-manager (2.2.0 introduced the option). Reported impact is lea...
CVE-2019-10183
Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...
CVE-2019-10183
Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...