39 matches found

CVE
added 2024/12/03 2:32 a.m., 54 views

CVE-2024-45068

Affected products: Hitachi Ops Center Common Services (versions 10.9.3-00 to 11.0.3-00) and Hitachi Ops Center OVA (versions 10.9.3-00 to 11.0.2-01). Issue: authentication credentials leakage due to default credentials usage, enabling potential unauthorized access. Impact: confidentiality at HIGH...

CVSS 7.1, AI score 7, EPSS 0.00213
Exploits: 0, References: 1
The Hacker News
added 2024/10/17 5:18 a.m., 43 views

Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk

A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers...

CVSS 9.8, AI score 7.8, EPSS 0.9408
Exploits: 1
Github Security Blog
added 2024/10/15 9:30 p.m., 14 views

VM images built with Image Builder with some providers use default credentials during builds in github.com/kubernetes-sigs/image-builder

A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers. The credentials can be used to gain root access. The credentials are disabled at the conclusi...

CVSS 8.1, AI score 7.2, EPSS 0.02648
Exploits: 0, References: 5, Affected Software: 1
NVD
added 2024/10/15 9:15 p.m., 15 views

CVE-2024-9594

A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers. The credentials can be used to gain root access. The credentials are disabled at the conclusi...

CVSS 8.1, EPSS 0.02648
Exploits: 0, References: 3
Cvelist
added 2024/10/15 8:37 p.m., 28 views

CVE-2024-9594 VM images built with Image Builder with some providers use default credentials during builds

A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers. The credentials can be used to gain root access. The credentials are disabled at the conclusi...

CVSS 6.3, EPSS 0.02648
Exploits: 0, References: 3
CVE
added 2024/10/15 8:37 p.m., 91 views

CVE-2024-9594

The CVE-2024-9594 issue affects Kubernetes Image Builder

CVSS 8.1, AI score 6.7, EPSS 0.02648
Exploits: 0, References: 3, Affected Software: 1
Vulnrichment
added 2024/10/15 8:37 p.m., 19 views

CVE-2024-9594 VM images built with Image Builder with some providers use default credentials during builds

A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers. The credentials can be used to gain root access. The credentials are disabled at the conclusi...

CVSS 6.3, AI score 7.3, EPSS 0.02648
Exploits: 0, References: 3
NVD
added 2024/04/27 12:15 a.m., 15 views

CVE-2024-2859

By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account...

CVSS 7.2, AI score 6.7, EPSS 0.015
Exploits: 0, References: 2
CVE
added 2024/04/27 12:6 a.m., 102 views

CVE-2024-2859

CVE-2024-2859 affects Brocade SANnav OVA images. The issue stems from the default configuration: the root user login is enabled, which could allow an unauthenticated/remote attacker to access the device if root access is obtained. Public sources in the connected records confirm the vulnerability ...

CVSS 7.2, AI score 6.7, EPSS 0.015
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2024/04/27 12:6 a.m., 30 views

CVE-2024-2859 By default, SANnav OVA is shipped with root user login enabled (CVE-2024-2859)

By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account...

CVSS 6.8, AI score 6.9, EPSS 0.015
Exploits: 0, References: 2
NVD
added 2024/04/19 5:15 a.m., 10 views

CVE-2024-29962

Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. This could allow a local user without the required privileges to access sensitive information or a Java binary...

CVSS 5.5, AI score 5.3, EPSS 0.00091
Exploits: 0, References: 1
Vulnrichment
added 2024/04/19 4:53 a.m., 22 views

CVE-2024-29966 hard-coded credentials in the documentation that appear as the appliance root password

Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. The vulnerability could allow an unauthenticated attacker full access to the Brocade SANnav appliance...

CVSS 7.5, AI score 7.1, EPSS 0.00395
Exploits: 0, References: 1
CVE
added 2024/04/19 4:15 a.m., 64 views

CVE-2024-29962

CVE-2024-29962 involves Brocade SANnav OVA images. The connected documents confirm that SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. The impact is that a local user without the required privileges could access sensitive information...

CVSS 5.5, AI score 6.2, EPSS 0.00091
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2024/04/19 4:15 a.m., 16 views

CVE-2024-29962 Insecure file permission setting that makes files world-readable

Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. This could allow a local user without the required privileges to access sensitive information or a Java binary...

CVSS 5.5, AI score 5.5, EPSS 0.00091
Exploits: 0, References: 1
NVD
added 2024/04/19 4:15 a.m., 15 views

CVE-2024-29963

Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries...

CVSS 3.8, AI score 4, EPSS 0.00079
Exploits: 0, References: 1
Vulnrichment
added 2024/04/19 4:4 a.m., 16 views

CVE-2024-29963 Brocade SANnav contains hardcoded TLS keys used by Docker

Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries...

CVSS 1.9, AI score 7.3, EPSS 0.00079
Exploits: 0, References: 1
Cvelist
added 2024/04/19 4:4 a.m., 17 views

CVE-2024-29963 Brocade SANnav contains hardcoded TLS keys used by Docker

Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries...

CVSS 1.9, AI score 4.3, EPSS 0.00079
Exploits: 0, References: 1
Broadcom
added 2024/04/17 12:0 a.m., 18 views

Hardcoded TLS keys used by Docker (CVE-2024-29963).

Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Brocade SANnav doesn't have access to remote Docker registries, and knowledge of the keys is a minimal risk as SANnav is prevented from communicating with Docker registries. VEX code:...

CVSS 1.9, AI score 8.6, EPSS 0.00079
Exploits: 0, Affected Software: 1
Tenable Nessus
added 2023/07/25 12:0 a.m., 25 views

Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass (CVE-2019-12662)

A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper...

CVSS 7.2, AI score 7.1, EPSS 0.00033
Exploits: 0, References: 2
0day.today
added 2023/05/09 12:0 a.m., 289 views

HammerSpace GDE / GFS 4.6.6-324 Authentication Bypass Exploit

This utility generates the TOTP passcode used to sign in as the support service account user for HammerSpace GFS default installations. Both the OVA and ISO are affected. Versions 4.6.6-324 and below with a default installation are affected. Affected Product: HammerSpace Global Data Environment /...

AI score 7.3
Exploits: 0