OESA-2024-1564 sos security update

Sos is an extensible, portable, support data collection tool primarily aimed at Linux distributions and other UNIX-like operating systems. Security Fixes: It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el86,...

EulerOS 2.0 SP8 : sos (EulerOS-SA-2024-1300)

According to the versions of the sos package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el86,...

Huawei EulerOS: Security Advisory for sos (EulerOS-SA-2024-1300)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CBL Mariner 2.0 Security Update: sos (CVE-2022-2806)

The version of sos installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2806 advisory. - It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in:...

NewStart CGSL CORE 5.04 / MAIN 5.04 : sos Vulnerability (NS-SA-2023-0002)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sos packages installed that are affected by a vulnerability: - It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el86, ovirt-log-collector-4.4.7-2.el8ev...

NewStart CGSL MAIN 6.02 : sos Vulnerability (NS-SA-2023-0003)

The remote NewStart CGSL host, running version MAIN 6.02, has sos packages installed that are affected by a vulnerability: - It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el86, ovirt-log-collector-4.4.7-2.el8ev CVE-2022-2806...

CVE-2022-2806 affecting package sos 4.1-3

CVE-2022-2806 affecting package sos 4.1-3. A patched version of the package is available...

Updated sos packages fix security vulnerability

SoS incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. CVE-2022-2806...

CVE-2022-2806 affecting package sos for versions less than 4.4-1

CVE-2022-2806 affecting package sos for versions less than 4.4-1. An upgraded version of the package is available that resolves this issue...

Ubuntu: Security Advisory (USN-5636-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : SoS vulnerability (USN-5636-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5636-1 advisory. It was discovered that SoS incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive...

AZL-10827 CVE-2022-2806 affecting package sos for versions less than 4.4-1

It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el86, ovirt-log-collector-4.4.7-2.el8ev...

CVE-2022-2806

This CVE (CVE-2022-2806) concerns the sos/os-report tooling used by ovirt-log-collector where the RHV admin password could be collected unfiltered. The vulnerability is tied to the sos package and related components; fixes were released in sos-4.2-20.el8_6 and ovirt-log-collector-4.4.7-2.el8ev. A...

CVE-2022-2806

A flaw was found in the ovirt-log-collector, which led to the logging of plaintext passwords in the log file. This flaw allows an attacker with sufficient privileges to read the log file, leading to a loss of confidentiality...