First published: Sat Oct 29 2022(Updated: )
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Opendev Sushy-tools | <0.21.1 | |
Opendev Virtualbmc | <3.0.0 | |
Fedoraproject Fedora | =35 | |
Fedoraproject Fedora | =36 | |
Fedoraproject Fedora | =37 | |
pip/virtualbmc | <3.0.0 | 3.0.0 |
pip/sushy-tools | <0.21.1 | 0.21.1 |
<0.21.1 | ||
<3.0.0 | ||
=35 | ||
=36 | ||
=37 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.