Fedora 35 : python-virtualbmc (2022-42723b43fe)

The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-42723b43fe advisory. Security fix for CVE-2022-44020 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

CVE-2022-44020

A flaw was found in sushy-tools & VirtualBMC, where changing the boot device configuration removes password protection from the managed libvirt XML domain...

OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

CVE-2022-44020

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

CVE-2022-44020

CVE-2022-44020 affects OpenStack Sushy-Tools up to 0.21.0 and VirtualBMC up to 2.2.2. The issue occurs when changing the boot device configuration, which removes password protection from the managed libvirt XML domain. This risk is disclosed as affecting an "unsupported, production-like configura...