libvirt prior to 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
libvirt libvirt |
||
redhat enterprise linux server eus 7.3 |
||
redhat enterprise linux workstation 7.0 |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux server aus 7.6 |
||
redhat enterprise linux server aus 7.4 |
||
redhat enterprise linux server aus 7.3 |
||
redhat enterprise linux server tus 7.6 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux server eus 7.5 |
||
redhat enterprise linux eus 7.6 |
||
redhat enterprise linux eus 7.4 |
||
redhat enterprise linux 6.0 |
||
redhat enterprise linux server eus 7.6 |
||
redhat enterprise linux server eus 7.4 |
||
redhat virtualization 3.0 |
||
redhat enterprise linux eus 7.5 |
||
redhat enterprise linux eus 7.3 |
||
redhat enterprise linux server tus 7.3 |
||
redhat enterprise linux 5 |
Vulmon