Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-10132

Опубликовано: 22 мая 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.5
CVSS3: 8.8

Описание

A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.

РелизСтатусПримечание
bionic

not-affected

4.0.0-1ubuntu8.9
cosmic

released

4.6.0-2ubuntu3.7
devel

released

5.4.0-0ubuntu1
disco

released

5.0.0-1ubuntu2.3
esm-infra-legacy/trusty

not-affected

esm-infra/bionic

not-affected

4.0.0-1ubuntu8.9
esm-infra/xenial

not-affected

1.3.1-1ubuntu10.25
precise/esm

not-affected

trusty/esm

not-affected

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 81%
0.01575
Низкий

6.5 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-10132

CVSS3: 8.8
redhat
больше 6 лет назад

A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.

nvd логотип

CVE-2019-10132

CVSS3: 8.8
nvd
больше 6 лет назад

A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.

debian логотип

CVE-2019-10132

CVSS3: 8.8
debian
больше 6 лет назад

A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.s ...

github логотип

GHSA-gf34-qgv2-76mf

CVSS3: 8.8
github
больше 3 лет назад

A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.

oracle-oval логотип

ELSA-2019-4688

oracle-oval
больше 6 лет назад

ELSA-2019-4688: libvirt security update (IMPORTANT)

EPSS

Процентиль: 81%
0.01575
Низкий

6.5 Medium

CVSS2

8.8 High

CVSS3