An issue exists in OpenStack Sushy-Tools up to and including 0.21.0 and VirtualBMC up to and including 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opendev sushy-tools |
||
opendev virtualbmc |
||
fedoraproject fedora 35 |
||
fedoraproject fedora 36 |
||
fedoraproject fedora 37 |