23 matches found
EUVD-2022-7030
Malicious code in bioql PyPI...
Fedora 37 : python-virtualbmc (2022-471e14677d)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-471e14677d advisory. Security fix for CVE-2022-44020 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
RHSA-2022:8896 Red Hat Security Advisory: Red Hat OpenStack Platform 13.0 (python-virtualbmc) security update
Bulletin has no description...
SUSE CVE-2022-44020
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...
Fedora 35 : python-virtualbmc (2022-42723b43fe)
The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-42723b43fe advisory. Security fix for CVE-2022-44020 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Fedora 36 : python-virtualbmc (2022-72b8efd577)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-72b8efd577 advisory. Security fix for CVE-2022-44020 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
[SECURITY] Fedora 36 Update: python-virtualbmc-3.0.0-1.fc36
A virtual BMC for controlling virtual machines using IPMI commands...
[SECURITY] Fedora 37 Update: python-virtualbmc-3.0.0-1.fc37
A virtual BMC for controlling virtual machines using IPMI commands...
[SECURITY] Fedora 35 Update: python-virtualbmc-3.0.0-1.fc35
A virtual BMC for controlling virtual machines using IPMI commands...
Fedora: Security Advisory for python-virtualbmc (FEDORA-2022-471e14677d)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for python-virtualbmc (FEDORA-2022-42723b43fe)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for python-virtualbmc (FEDORA-2022-72b8efd577)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-44020
A flaw was found in sushy-tools & VirtualBMC, where changing the boot device configuration removes password protection from the managed libvirt XML domain...
Information Disclosure
virtualbmc is vulnerable to information disclosure. The vulnerability exists due to the setbootdevice function in vbmc.py which does not properly secure information on xml changes when setting parameters revolving around boot mode, options and firmware, allowing an attacker to gain sensitive...
GHSA-5PJ3-6FQM-8M7M OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...
OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...
CVE-2022-44020
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...
CVE-2022-44020
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...
Design/Logic Flaw
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...
CVE-2022-44020
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...