Lucene search

VirtuozzoVZA-2024-030

HistoryJul 17, 2024 - 12:00 a.m.

Virtuozzo Hybrid Infrastructure 6.1 Update 1.5 (6.1.1-49)

2024-07-1700:00:00

docs.virtuozzo.com

virtuozzo hybrid infrastructure

update

security fixes

stability

vstor-75009

vstor-76816

hypervisor

vstor-85653

vstor-87742

chunk service

vstor-88832

networks

vstor-89010

cve-2024-4467

s3 user authentication

amazon signature version 4

vstor-89156

cve-2024-6409

unix

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

Percentile

13.8%

JSON

This update provides security and stability fixes.
Vulnerability id: VSTOR-75009, VSTOR-76816
Stability fixes for the hypervisor.

Vulnerability id: VSTOR-85653, VSTOR-87742
Stability fixes for the chunk service.

Vulnerability id: VSTOR-88832
A security fix for networks.

Vulnerability id: VSTOR-89010
A security fix for CVE-2024-4467.

Vulnerability id: VSTOR-89106
Fixed an issue with S3 user authentication via the Amazon Signature Version 4 algorithm.

Vulnerability id: VSTOR-89156
A security fix for CVE-2024-6409.

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

Percentile

13.8%

JSON

Related for VZA-2024-030