vulnerability

Huawei EulerOS: CVE-2016-5008: libvirt security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Jul 13, 2016	Nov 30, 2017	Aug 13, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Jul 13, 2016

Added

Nov 30, 2017

Modified

Aug 13, 2025

Description

It was found that setting a VNC password to an empty string in libvirt did not disable all access to the VNC server as documented, instead it allowed access with no authentication required. An attacker could use this flaw to access a VNC server with an empty VNC password without any authentication.

Solution

huawei-euleros-2_0_sp1-upgrade-libvirt-client

References

CVE-2016-5008
https://attackerkb.com/topics/CVE-2016-5008
CWE-284
EULEROS-EulerOS-SA-2017-1053

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today