Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd (which is equivalent to root access). If a vulnerability exists in another service it could, combined with this flaw, be exploited to escalate privileges to gain control over compute nodes.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
libvirtd 安全漏洞
Vulnerability Description
libvirtd是一套用于管理虚拟主机的工具。该工具具有虚拟机管理、远程连接、存储管理和网络接口管理等功能。 libvirtd中存在安全漏洞。攻击者可利用该漏洞提升权限,控制计算节点。
CVSS Information
N/A
Vulnerability Type
N/A