Veracode Vulnerability DatabaseVERACODE:21811Information Disclosure
EPSS
Percentile
29.5%
virt-install is vulnerable to information disclosure. The --unattended option causes plaintext passwords to be leaked through the command line argument.
References
www.securityfocus.com/bid/109027
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/
access.redhat.com/errata/RHSA-2019:3464
access.redhat.com/security/cve/CVE-2019-10183
access.redhat.com/security/updates/classification/#low
bugzilla.redhat.com/show_bug.cgi?id=1599139
bugzilla.redhat.com/show_bug.cgi?id=1659354
bugzilla.redhat.com/show_bug.cgi?id=1660123
bugzilla.redhat.com/show_bug.cgi?id=1660467
bugzilla.redhat.com/show_bug.cgi?id=1661867
bugzilla.redhat.com/show_bug.cgi?id=1666597
bugzilla.redhat.com/show_bug.cgi?id=1667025
bugzilla.redhat.com/show_bug.cgi?id=1671599
bugzilla.redhat.com/show_bug.cgi?id=1679018
bugzilla.redhat.com/show_bug.cgi?id=1683609
bugzilla.redhat.com/show_bug.cgi?id=1690685
bugzilla.redhat.com/show_bug.cgi?id=1690687
bugzilla.redhat.com/show_bug.cgi?id=1692489
bugzilla.redhat.com/show_bug.cgi?id=1700354
bugzilla.redhat.com/show_bug.cgi?id=1707379
bugzilla.redhat.com/show_bug.cgi?id=1709857
bugzilla.redhat.com/show_bug.cgi?id=1714304
bugzilla.redhat.com/show_bug.cgi?id=1718065
bugzilla.redhat.com/show_bug.cgi?id=1722820
bugzilla.redhat.com/show_bug.cgi?id=1724287
bugzilla.redhat.com/show_bug.cgi?id=1726232
bugzilla.redhat.com/show_bug.cgi?id=1727811
bugzilla.redhat.com/show_bug.cgi?id=1727881
bugzilla.redhat.com/show_bug.cgi?id=1741846
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10183
virt-manager.org/download/
www.openwall.com/lists/oss-security/2019/07/03/1
Related
