Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.
CVSS Information
N/A
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
Red Hat libvirt 权限许可和访问控制问题漏洞
Vulnerability Description
Red Hat libvirt是美国红帽(Red Hat)公司的一个用于实现Linux虚拟化功能的Linux API,它支持各种Hypervisor,包括Xen和KVM,以及QEMU和用于其他操作系统的一些虚拟产品。 Red Hat libvirt 4.1.0及之前的版本中存在权限许可和访问控制问题漏洞。攻击者可借助virtlockd-admin-sock或virtlogd-admin-sock利用该漏洞进行连接并执行管理操作。
CVSS Information
N/A
Vulnerability Type
N/A