vulnerability
Red Hat: CVE-2016-5008: Moderate: libvirt security, bug fix, and enhancement update (RHSA-2016:2577)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | 2016-07-13 | 2016-11-04 | 2018-01-17 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
2016-07-13
Added
2016-11-04
Modified
2018-01-17
Description
libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server.
Solution(s)
redhat-upgrade-libvirtredhat-upgrade-libvirt-clientredhat-upgrade-libvirt-daemonredhat-upgrade-libvirt-daemon-config-networkredhat-upgrade-libvirt-daemon-config-nwfilterredhat-upgrade-libvirt-daemon-driver-interfaceredhat-upgrade-libvirt-daemon-driver-lxcredhat-upgrade-libvirt-daemon-driver-networkredhat-upgrade-libvirt-daemon-driver-nodedevredhat-upgrade-libvirt-daemon-driver-nwfilterredhat-upgrade-libvirt-daemon-driver-qemuredhat-upgrade-libvirt-daemon-driver-secretredhat-upgrade-libvirt-daemon-driver-storageredhat-upgrade-libvirt-daemon-kvmredhat-upgrade-libvirt-daemon-lxcredhat-upgrade-libvirt-debuginforedhat-upgrade-libvirt-develredhat-upgrade-libvirt-docsredhat-upgrade-libvirt-lock-sanlockredhat-upgrade-libvirt-login-shellredhat-upgrade-libvirt-nss
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.