← volver
CVE-2017-1000256

CVE-2017-1000256

EPSS 1.7%
libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://access.redhat.com/security/cve/CVE-2017-1000256https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1556251.htmlhttps://www.redhat.com/archives/libvirt-announce/2017-October/msg00001.htmlhttp://www.debian.org/security/2017/dsa-4003